How to make the site perform a code withdrawal with a particular user?

Asked

Viewed 59 times

0

Good morning, I have an administrative access page for the Adms of my site but have a part of the code in one of the pages, to create and modify users and passwords, that I would like to appear only when the user "TESTS" is connected on the page. I’m a little layy in PHP so I believe I’ve done something wrong or I’m missing something.

Inside this page is a STRING that calls the name of the connected user, and I am using the same STRING to do, which would be $_SESSION['nome_usuario'].

<?php if ($_SESSION['nome_usuario'] = "TESTES") { ?>
   "Codigos em HTML e PHP que cria e modifica usuarios"...
<?php } ?>

In case I wanted to SE user is equal to "TESTS" it displays the codes and if it is not the same do not present anything. I thank you for all help.

2 answers

0

Usually, when we develop a login system, we register the id of the user who is logged in, which would be correct for you to do.

In this case, as you make the user comparison, being user test, you can solve this impasse as follows:

<?php if ($_SESSION['nome_usuario'] == "TESTES") { ?>
   echo "Codigos em HTML e PHP que cria e modifica usuarios";
<?php } ?>

The == to check equality if you use only =, you will not be able to compare, but will be setting/assigning to Session as test user.

The other way you can do it, that would be the right way:

The moment you do login and password verification in the database, you also set:

$_SESSION['id_usuario'] = $row['id_usuario'] // usuário do banco de dados

And in your users check, you can check as follows:

<?php if ($_SESSION['nome_usuario'] == 1) { ?>
   echo "Codigos em HTML e PHP que cria e modifica usuarios";
<?php } ?>

In this case, id=1, is the test id.

  • Well, I put echo but I can’t apply the code, inside HTML and PHP has single and double quotes, any of the two that I put to echo will be broken in the middle of the code.

  • When there are quotes, you can do: echo "my test content "xxxx" ";

  • I took the code and created in another file a STRING to call him, but the page is showing an error and does not show the code. he is giving this error

  • Parse error: syntax error, unexpected '' (T_ENCAPSED_AND_WHITESPACE), expecting identifier (T_STRING) or variable (T_VARIABLE) or number (T_NUM_STRING) in C:\xampp\htdocs\fraturaexposta.esy.es\Login\Paginas\functions\criausuario.php on line 10 ``

  • and the error would be in the if of that part of the code // Apaga usuários&#xA;&#xA;if ( isset( $_GET['del'] ) ) {&#xA;&#xA; // Delete de cara (sem confirmação)&#xA;&#xA; $pdo_insere = $conexao_pdo->prepare('DELETE FROM usuarios WHERE user_id=?');&#xA;&#xA; $pdo_insere->execute( array( (int)$_GET['del'] ) );&#xA;&#xA; &#xA;&#xA; // Redireciona para o index.php&#xA;&#xA; header('location: ../index.php');&#xA;&#xA;}

  • I used exactly as you showed in the first example and used before double quotes

Show 1 more comment

0

You can do this verification with this code by only changing the assignment operation =, to a comparison operator ==

<?php if ($_SESSION['nome_usuario'] == "TESTES") { ?>
   "Codigos em HTML e PHP que cria e modifica usuarios"...
<?php } ?>

It is recommended that you make this check:

  • When accessing this page you create and modify users, if it is not the test user show an error message;
  • If there is a menu that goes to this page, the link that goes to this page should also be hidden.

Browser other questions tagged

You are not signed in. Login or sign up in order to post.