Deactivate Button depending on the user

0

I'm working on a web application in PHP and MySQL, and I have a database with a table called users with the fields

  • user_id
  • name
  • user_type
  • password

The user type can only be one of two values, ADMINISTRATOR and USER. What I want is that, when someone enters the system, some buttons are enabled depending on the user. For example, if the user is an administrator, all the buttons are enabled, but if they are a normal user, all are disabled.

This is the code where I used the user data to be able to access the system

<?php
// Credentials submitted by the login form
$usuario = $_POST['u'];
$pass = $_POST['p'];

// Send the visitor back to the form if either field is empty
if(empty($usuario) || empty($pass))
{
    header("Location: index.html");
    exit();
}

mysql_connect('localhost','root','') or die("Error al conectar".mysql_error());

mysql_select_db('horarioescolar') or die("Serror al seleccionlar la base de datos".mysql_error());

// Escape the submitted values before placing them in the query
$result = mysql_query("SELECT * FROM usuarios where usuario = '".mysql_real_escape_string($usuario)."' and passw = '".mysql_real_escape_string($pass)."'");

if($row = mysql_fetch_array($result)){
    if(  $row['passw'] == $pass){
        // Credentials match: open the session and go to the content page
        session_start();
        $_SESSION['usuarios'] = $usuario;
        header("Location:contenido.php");
        exit();
    }else{
        header("Location:inde.php");
        exit();
    }
}else{
    header("Location:inde.php");

    exit();
}
    
asked by 21.11.2017 at 17:30

2 answers

0

Answering what you ask would be like this (below is also HOW it really should be):

<input type="hidden" id="user_level" value="<?= htmlspecialchars($user_level) ?>">

(where $user_level is a variable where you keep what kind of user it is)

<button onclick="algunafuncionaejecutar();" id="funcion1">Acción 1</button>
<button onclick="otrafuncionaejecutar();" id="funcion2">Acción 2</button>

and you have a JS function which is responsible for validating who you are (you will have to edit it so that it is as you need it) ...

// Disables the action buttons when the hidden field reports a non-admin user
function validUSer() {
   if ($('#user_level').val() == 'user_NO_admin') {
      $('#funcion1').prop('disabled', true);
      $('#funcion2').prop('disabled', true);
   }
}

==============================================

Now, a way that would serve you if it is a small platform and you want to be able to control well where each user can go (via the menu), you have this option:

switch ($user_level) {
    case 'administrador':
        require_once('cabecera_admin.php');
        break;
    case 'editor':
        require_once('cabecera_editor.php');
        break;
    case 'usuario':
        require_once('cabecera_usuario.php');
        break;
}

where, based on $user_level (the variable where you saved what type of user it is), a header is shown with the menu of items enabled exclusively according to their level; it can also be $_SESSION instead of saving the user type as a variable ... And it should be noted (obviously XD) that in each section you have on your site, you validate what type of person it is, so that they can use the form (or whatever), or you redirect them if they do not have the user level that corresponds ...

=== To manage MySQL this is my little copy that I usually have ... link

(which you must always accompany with several data cleansing measures for more security ...)

    
answered by 21.11.2017 at 19:09
0

We add a session variable with the type of user:

$_SESSION["tipo"] = $row['tipo_usuario'];

before redirecting to contenido.php

<?php
$usuario = $_POST['u'];
$pass = $_POST['p'];

if(empty($usuario) || empty($pass))
{
    header("Location: index.html");
    exit();
}

mysql_connect('localhost','root','') or die("Error al conectar".mysql_error());

mysql_select_db('horarioescolar') or die("Serror al seleccionlar la base de datos".mysql_error());

// Escape the submitted values before placing them in the query
$result = mysql_query("SELECT * FROM usuarios where usuario = '".mysql_real_escape_string($usuario)."' and passw = '".mysql_real_escape_string($pass)."'");

if($row = mysql_fetch_array($result)){
    if(  $row['passw'] == $pass){
        session_start();
        $_SESSION['usuarios'] = $usuario;
        // Add a session variable with the user type
        $_SESSION["tipo"] = $row['tipo_usuario'];

        header("Location:contenido.php");
        exit();
    }else{
        header("Location:inde.php");
        exit();
    }
}else{
    header("Location:inde.php");

    exit();
}

and in contenido.php, you add an if to the element you want

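<?php
session_start(); // required before $_SESSION can be read in contenido.php
if (isset($_SESSION["tipo"]) && $_SESSION["tipo"] == "administrador") {
    echo "Contenido exclusivo para usuario tipo Admin";
}
?>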
    
answered by 21.11.2017 at 20:11
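The server-side side of what both answers describe, as an added example that is not code from either answer: the role is read with a PDO prepared statement (the mysql_* functions used above were removed in PHP 7), the button is rendered disabled from the session role, and the action behind it repeats the check. The function names login, boton and accion1, the sample accounts and the hashed passw column are assumptions; SQLite in memory stands in for the MySQL database so the script runs offline.

```php
<?php
// Added example with constructed data. With MySQL only the DSN changes,
// e.g. new PDO('mysql:host=localhost;dbname=horarioescolar', $dbUser, $dbPass).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE usuarios (usuario TEXT PRIMARY KEY, passw TEXT, tipo_usuario TEXT)");
$ins = $db->prepare("INSERT INTO usuarios VALUES (?, ?, ?)");
// Constructed sample accounts; passw holds a hash here (assumption, the page compares plain text)
$ins->execute(['ana', password_hash('s3creta', PASSWORD_DEFAULT), 'administrador']);
$ins->execute(['luis', password_hash('clave123', PASSWORD_DEFAULT), 'usuario']);

// Returns the user's role on success, null on failure. The input is bound, never concatenated.
function login(PDO $db, string $usuario, string $pass): ?string
{
    $st = $db->prepare("SELECT passw, tipo_usuario FROM usuarios WHERE usuario = ?");
    $st->execute([$usuario]);
    $row = $st->fetch(PDO::FETCH_ASSOC);
    if ($row === false || !password_verify($pass, $row['passw'])) {
        return null;
    }
    return $row['tipo_usuario'];
}

// The disabled attribute is decided on the server from the session role, not from a hidden field.
function boton(array $session, string $id, string $texto): string
{
    $off = (($session['tipo'] ?? '') === 'administrador') ? '' : ' disabled';
    return '<button id="' . htmlspecialchars($id) . '"' . $off . '>' . htmlspecialchars($texto) . '</button>';
}

// The endpoint behind the button repeats the check, because a disabled
// button can be re-enabled in the browser. A real page would also send http_response_code(403).
function accion1(array $session): string
{
    if (($session['tipo'] ?? '') !== 'administrador') {
        return '403 Forbidden';
    }
    return 'Acción 1 ejecutada';
}

// Simulated logins: an admin, a normal user, and an unknown name containing a quote.
// In the real pages $session would be $_SESSION after session_start().
foreach ([['ana', 's3creta'], ['luis', 'clave123'], ["o'brien", 'x']] as [$u, $p]) {
    $tipo = login($db, $u, $p);
    $session = ($tipo === null) ? [] : ['usuarios' => $u, 'tipo' => $tipo];
    echo $u, ' => ', $tipo ?? 'login rechazado', ' | ',
        boton($session, 'funcion1', 'Acción 1'), ' | ', accion1($session), "\n";
}
```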