I make a blog site. How to check that the user is the admin?
- @gear, If you are given a comprehensive answer, mark it as correct (click on the check mark next to the selected answer). - user31688
|
3 answers
How-how ... Through the database.
To query the user properties, there should be a field of type is_admin .
|
if($user_name == $admin_name){ //code }
You can through the database. Give them privileges.
0- простой юзер, 1 - подтвердил email, 2 - модератор ,3 - Забанен, 4 - админ. if($group == 4){ //code }
Ololoevv ololoevv
198 7
- When adding a new group in the middle there will be a BIDA. To avoid it, you can encode specific values with constants, or, better, immediately work with roles as strings. - etki
- I do not quite understand what you mean. Could you explain to me what the problem is? - Ololoevv
- @Ololoevv, in that a bunch of these fours will be scattered around the code, which a) reduces the likelihood of replacing them without problems, say, on the top five, and b) increases the probability of randomly supplying the wrong number. It is better to operate with constants or functions. - etki
|
And on my site like this:
There is a ustate field:
0 - user banned
1 - logged in, but not yet activated
2 - activated
3 - admin
Every time the code is run, you check this field against the base.
$sq = $ml->prepare('SELECT ustate, ...... FROM users WHERE id = '.$user['id'].' LIMIT 1'); $sq->execute(); $usac = $sq->fetch(PDO::FETCH_ASSOC);; define('USERS_USTATE', $usac['ustate']); In other places where only the admin can be sent, you write a check:
if (USERS_USTATE == 3) { echo 'Вы админ, доступ открыт'; } else { echo 'Доступ закрыт'; } 
Andrey Arshinov Andrey Arshinov
2.369 2 eleven 37
- Is it worth it to sew a check? - user31688 4:26 pm
- through define definitely not worth it. - etki
- @Etki, it was a rhetorical question with a touch of sarcasm :) The group, permissions, etc. should be stored in the user model ... - user31688
|