Show input according to privileges

0

I have a user and password form that sends the data to the following checklogin.php:

<?php
session_start();

$host_db = "localhost";
$user_db = "database1";
$pass_db = "mypass";
$db_name = "usuariodatabase";
$conexion = new mysqli($host_db, $user_db, $pass_db, $db_name);

if ($conexion->connect_error) 
    {
    die("Conexion fallida con la base de datos" . $conexion->connect_error);
    }
$username = $_POST['username'] ?? '';
$password = $_POST['password'] ?? '';

// Prepared statement: the user name is bound as a parameter instead of being
// concatenated into the SQL (get_result() requires the mysqlnd driver)
$stmt = $conexion->prepare("SELECT * FROM `usuarios` WHERE `usuario` = ?");
$stmt->bind_param("s", $username);
$stmt->execute();
$result = $stmt->get_result();

// fetch_array() returns null when no row matches the user name
$row = $result->fetch_array(MYSQLI_ASSOC);

if ($row && password_verify($password, $row['contrasena'])) 
    { 
    // Store the values from the DB here so they can be used in panel-control.php
    $_SESSION['loggedin'] = true;
    $_SESSION['usuario'] = $username;
    $_SESSION['start'] = time();
    $_SESSION['expire'] = $_SESSION['start'] + (5 * 800000);

    // Escape the user name before writing it into the HTML response
    echo "Bienvenido! ".htmlspecialchars($_SESSION['usuario']);
    echo "<br><br><a href=panel-control.php>PANEL DE CONTROL</a>";

    }   
        else
        { 
        echo "Usuario o contraseña estan incorrectos.";
        echo "<br><a href='logearse.html'>Volver a Intentarlo</a>";

        }
 mysqli_close($conexion);
?>

After logging in, the person sees the following control-panel.php, which has a PHP block where the session starts and an HTML part with two text boxes:

<?php
session_start();
$now = time();

if($now > $_SESSION['expire'])
{
    session_destroy();
    echo "Su sesion a terminado,
    <a href='index.html'>Necesita Hacer Login</a>";
    exit;
}
?>
<HTML>
  <body>
    <input id=input1>
    <input id=input2>
  </body>
</HTML>

How could we avoid showing both boxes to a user, let's call him X, so that he sees only one box (input1 in this case) since he does not have permission for the other, while user Z, who has high privileges, can see both boxes? I imagine that is done with PHP code within the HTML in which the user is validated, and box 1 must go within that code, am I right?

    
asked by Gabriel Uribe Gomez 13.08.2018 at 01:48

2 answers

0

In order not to "embed" HTML code within a PHP echo there is a more appropriate solution and it is to do the following:

<?php if($_SESSION['privilegio'] == 0):?>
<input id=input1>
<?php endif; ?>
<?php if($_SESSION['privilegio'] == 1):?>
<input id=input2>
<?php endif; ?>

Taking the extract from the previous example.

    
answered by 13.08.2018 at 03:07
0

You can add a "privileges" field to the database. Now, suppose that user "x" has rank 0 and user "z" has rank 1 (ranks or privileges, however you see it); then in the control panel, displaying the inputs would look like this:

<HTML>
  <body>
<?php
echo '<input id=input1>'; /* We always show this one, since both rank 0 and
rank 1 can see it */
if ($_SESSION['privilegio'] == 1){ /* Only rank 1 (user "z") gets the second input */
    echo '<input id=input2>';
}
?>
  </body>
</HTML>

The code assumes that you will only use 2 inputs; if you want to use more, it would be better to use a SWITCH. I will add the code below:

<form method="post" action="<?=htmlspecialchars($_SERVER['PHP_SELF'])?>"> <!--We open a form to use 
the "PHP_SELF" action; the value is escaped because PHP_SELF reflects the requested URL -->
<input type ="text" name = "rango"> <!--I added this option to enter the rank 
through a textbox, since I don't have the database, but in your case 
it is not necessary -->
<input type="submit" name="verrango" value="Escuchar"> <!--I'll use the 
"verrango" button to run the "submit" so that the "PHP_SELF" can happen-->
</form>
<?php
if(isset($_POST["verrango"])) /*When the "PHP_SELF" happens the PHP code 
runs again, so this IF is executed again*/
{
switch ($_POST["rango"]) {
    case '0':
?>  <input id=input1> <?php /*This input is always shown, since rank 0 
can see it*/
    break;
    case '1':
?>  <input id=input1>
    <input id=input2> <?php /*In this case 2 inputs are shown*/
    break;
    case '2':
?>  <input id=input1>  
    <input id=input2>
    <input id=input3> <?php /*In this case 3 inputs are shown*/
    break;
    default:
    echo 'No tienes permisos para ver los inputs'; /*We send an error in 
case the rank is not among the available ones*/
    break;
}}?>

I used the method that @Juanjoo Tocino suggested. As for the repetition of the code, yes, there is a way to avoid writing all the inputs again depending on the rank, and to make that code smaller. But I'd like you to first try to work out the logic of that problem, and if you really cannot, ask me for help.

    
answered by 13.08.2018 at 02:24
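
Hiding an input only changes what the browser draws, so the rank has to come from the session (set at login from the database) and be checked again when the form is submitted. The following is an added example, not code from either answer; the `privilegio` column, the `FIELD_MIN_RANK` map and `allowed_fields()` are assumptions made for illustration.

```php
<?php
// Added example, not code from the answers. Assumes checklogin.php stored the
// rank read from the database after password_verify() succeeded:
//   $_SESSION['privilegio'] = (int) $row['privilegio'];   // assumed column name
session_start();

// Hypothetical map: minimum rank required to see and submit each field.
const FIELD_MIN_RANK = ['input1' => 0, 'input2' => 1, 'input3' => 2];

/** Names of the fields a given rank is allowed to see and submit. */
function allowed_fields(int $rank): array
{
    return array_keys(array_filter(FIELD_MIN_RANK, fn($min) => $rank >= $min));
}

// No authenticated session or no rank stored: render nothing at all.
if (empty($_SESSION['loggedin']) || !isset($_SESSION['privilegio'])) {
    http_response_code(403);
    exit('Necesita hacer login');
}
$allowed = allowed_fields((int) $_SESSION['privilegio']);

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Server-side enforcement: a field that was never rendered can still be
    // sent by hand, so refuse any submitted name this rank does not allow.
    $extra = array_diff(array_keys($_POST), $allowed);
    if ($extra) {
        http_response_code(403);
        exit('No tienes permisos');
    }
    // $data holds only the fields this rank is permitted to submit.
    $data = array_intersect_key($_POST, array_flip($allowed));
}
?>
<form method="post">
<?php foreach ($allowed as $name): ?>
  <input id="<?= htmlspecialchars($name) ?>" name="<?= htmlspecialchars($name) ?>">
<?php endforeach; ?>
  <input type="submit" value="Enviar">
</form>
```

With rank 0 the loop renders only input1, with rank 1 it renders input1 and input2, and a POST that carries input2 from a rank 0 session is answered with 403.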