Hi,
I have a login and register page along with sessions that is working fine, here is a small snippet of the php once a user sucessfully logs in:
if(mysql_num_rows($validate_user_information) == 1)
{
$get_user_information = mysql_fetch_array($validate_user_information);
$_SESSION[“VALID_USER_ID”] = $user_email;
$_SESSION[“USER_FULLNAME”] = strip_tags($get_user_information[“firstname”].’ ‘.$get_user_information[“lastname”]);
echo ‘Index.php?uid=’.$_SESSION[“USER_FULLNAME”].’&’;
echo ‘login_process_completed_successfully=yes’;
}
else
{
echo ‘
’;
}
What i would like to know is if say make a new column in my users table called admin being either true or false.
How can i only let users access certain pages if they are admins?
This is how my site currently work with this php at the top of standard pages:
<?php session_start(); ob_start(); $valid_user_id = trim($_SESSION["VALID_USER_ID"]); if(isset($_SESSION["VALID_USER_ID"]) && !empty($valid_user_id)) { ?>CONTENT GOES HERE
}
else
{
//Send every user who tries to access this page directly without valid session to the login page.
//The login page is the door that every user needs to pass to this page
header(“location: login.php”);
}
?>
Can anyone give a tip on how to write it so on a page only admin can view it?
Thanks