ini_set('display_errors', '1');
ini_set('display_startup_errors', '1');
error_reporting(E_ALL);
session_start();
include_once 'db.php';
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
//collect form data and store in variables
$username = trim($_POST['username'] );
$password = md5($_POST['password']);
$DB->query('SELECT * FROM users WHERE username = :username AND password = :password');
$DB->bind(':username', $username);
$DB->bind(':password', $password);
$result=$DB->single();
if ($result) {
header('Location: http://localhost/form/admin.php');
} else {
echo "Wrong Password/Username Combination";
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Login Page</title>
</head>
<body>
<h2> User Authenticatication System</h2>
<h3>Login Form</h3>
<?php if(isset($message)){?>
<span style="color: red"> <?=$message?></span> <br>
<?php }?>
<br><br>
<form action="" method="POST">
<table>
<tr>
<td>Username:</td>
<td><input type="text" name="username" value="" ></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" name="password" value="" ></td>
</tr>
</table>
<input type="submit" name="login" value="Login">
</form>
<p><a href="http://localhost/form/welcome.php"> Back to Homepage </a></p>
</body>
</html>```Need a clearer question. PDO is just the connection driver to the database, so it is irrelevant at this point. It sounds like you want a dashboard.
Yes…Where when you login as an admin you get all functionalities
You have to write all that, unless you use a framework that does it for you. Yii would be an example of this. It uses scaffolding to build the functionality and views for you. Otherwise, you need to be the one to write all of that yourself.
Any assistance on how to go about it??
You need to be more spesific, installing an admin panel or making one? Do you really need one or could you get away with just editing the db directly?
These are moments when a framework like Symfony or Laravel shines. You’d get a proper login system and installable admin panels basically for free.
There are thousands of examples of this online. Some sties call it CRUD.
( Create, Read, Update, Delete ) So, you can search for it. Here is one: CRUD Example
But, on this example, you would need to add in your protection to make sure it is only used by the ADMIN…
Hope this helps…
It helps but going about it is what i am doing now…if you have any info that can assist don’t hesitate …
Do you mean with writing the CRUD or with protecting for the ADMIN?
For the CRUD, that one example covers everything you need. You just need to customize it for your data.
For the ADMIN protection, just make a simple login. When someone logs in, just save their user level in
a session variable. Some programmers use numbers for levels, but, I just use text. Like “ADMIN” for any
administrator and “Standard” for regular users. Then, at the top of each of the CRUD pages, you just check
for the session variable and if it is not ADMIN, move to a non-CRUD page. Simple enough…
Be more exact on what you need help with and we will help you.
I meant for protecting the ADMIN anyhu thanks for the info.
Okay, so you create a simple login screen.
Set up your session as the first line of code.
<?PHP
session_start();
Once the user is logged in, save their user level in a session variable like this:
$_SESSION[‘level’]=$row[“user_level”]; (assuming the user level is stored in the database that way.
Then, at the top of various pages, check for this and if not an admin, redirect to the home page.
if($_SESSION[‘level’]!=“ADMIN”) { header(“Location: index.php”); }
This redirects back to the index page, but, it could be any page in your site. Quite often, I use a page
that notifies the user that they came to the wrong page and need to select another. Depends on your needs.
Hope that helps…
Yes! pretty much thanks so much…