|
PHP - User Role Based Menu Function
I'm not totally new to php but I'm no guru either. I'm building an intranet and have three seperate user roles, user - manager - admin. There are some menu items I don't want to allow simple users to see. This will expand later to give them different views of a page as well (some can view/others can edit). As it stands the login validation is holding they're user level in $SESSION. To give you an idea take a look at what I'm trying to do:
Code: [Select] function usermenu($usermenu) { if($user_level=0) echo ("<ul id="gooeymenu2" class="solidblockmenu"> <li><a href="main.php">Home</a></li> <li><a href="forms.php">Forms</a></li> <li><a href="/support/index.php" target="_new">Support</a></li> <li><a href="documents.php">Documents</a></li> <li><a href="admin/index.php">Admin</a></li> <li><a href="logout.php">Logout</a></li> </ul> <script> gooeymenu.setup({id:'gooeymenu2', selectitem:1, fx:'swing'}) </script>" "); else($user_level=1,2) echo ("<ul id="gooeymenu2" class="solidblockmenu"> <li><a href="main.php">Home</a></li> <li><a href="forms.php">Forms</a></li> <li><a href="/support/index.php" target="_new">Support</a></li> <li><a href="documents.php">Documents</a></li> <li><a href="new.php">New Adviser</a></li> <li><a href="admin/index.php">Admin</a></li> <li><a href="logout.php">Logout</a></li> </ul> <script> gooeymenu.setup({id:'gooeymenu2', selectitem:1, fx:'swing'}) </script>" "); Any help would be great, thanks in advance. Jason Similar TutorialsHi all,
I am working on a project where i need to implement rbac control. I sthere any library available in codeigniter to extend the functionality. I have started working on codeigniter. i want to implement this in codeigniter. Please some on e guide how to achieve that. how to check roles and permssions.
Code what i made so far. Your comments at what should i do differently.
My configs.php
<?php
$userQuery = 'SELECT * FROM users WHERE id = :id';
$user = $db->prepare($userQuery);
$user->bindParam(':id', $_SESSION['userId'], PDO::PARAM_INT);
$user->execute();
$userInfo = $user->fetch(PDO::FETCH_ASSOC);
?>
functions.php
<?php
function loginCheck(){
global $db;
if(isset($_SESSION['userId'], $_SESSION['loginString'])){
$query = 'SELECT username FROM users WHERE id = :id';
$user = $db->prepare($query);
$user->bindParam(':id', $_SESSION['userId'], PDO::PARAM_INT);
$user->execute();
$row = $user->fetch(PDO::FETCH_ASSOC);
if($user->rowCount() == 1){
if(hash('sha512', $row['username'].$_SERVER['HTTP_USER_AGENT']) == $_SESSION['loginString']){
return true;
}else{
return false;
}
}else{
return false;
}
}else{
return false;
}
}
function checkUserRole(){//can be user, admin and moderator
global $userInfo;
if($userInfo['userRole'] == 'admin' or $userInfo['userRole'] == 'moderator'){
return true;
}else{
return false;
}
}
?>
shoutbox.php
Can this be done with one query?
global $db, $userInfo; $sbQuery = 'SELECT * FROM shoutbox ORDER BY dateCreated DESC LIMIT 30'; $sb = $db->query($sbQuery); $usersQuery = 'SELECT * FROM users WHERE shoutBoxBan = "yes"'; $users= $db->query($usersQuery); $usersRow = $users->fetch(PDO::FETCH_ASSOC);
$hiddenAction = '';
while($sbRow = $sb->fetch(PDO::FETCH_ASSOC)){
if(loginCheck() and checkUserRole()){
$hiddenAction = " <a href=\"javascript:;\" onClick=\"deleteMessage('".$sbRow['id']."')\" class=\"shoutBoxDelete\" title=\"Delete\">x</a>";
if($usersRow['username'] == $sbRow['username']){
$hiddenAction .= " <a href=\"javascript:;\" onClick=\"unBan('".$sbRow['username']."')\" class=\"shoutBoxBan\" title=\"Unban\">u</a>";
}else{
if($userInfo['username'] != $sbRow['username']){//admin and moderator cant ban themselves.
$hiddenAction .= " <a href=\"javascript:;\" onClick=\"banUser('".$sbRow['username']."')\" class=\"shoutBoxBan\" title=\"Ban\">o</a>";
$hiddenAction .= " <a href=\"javascript:;\" onClick=\"tempBanUser('".$sbRow['username']."')\" class=\"shoutBoxBan\" title=\"Temp Ban\">ø</a>";
}
}
}
....................................
I am trying to populate a custom field called "Customer Type" current user role. The custom field is displayed on my checkout page. I tried the below in my functions.php of my child theme and thought it would work but it does nothing. Can anyone tell me what I might be doing wrong?
$user = wp_get_current_user(); $fields['customertype'] = $user;
return $fields; add_filter( 'woocommerce_checkout_fields', 'onboarding_update_fields' ); Edited April 11 by JayXHi, so far I have managed to set up a somewhat basic login website with a mysql database backend. Once they have logged on they go to a "main menu" page. What I need to define is that user A sees button A but only that button, etc. (Then of course that same rule would have to apply if they tried to directly go to the page, but I am guessing I can do that in the same way that I currently do to force a login). If anyone has any tutorials or sample code I would much appreciate it. Thanks, I know something is wrong but dunno how to fix it. My intention is to lock user based on ip after 3 unsuccessful attempts. Its incrementing the login count but after 3 attempts, I just can't figure out how to lock the user and reset the value after some time. I'd like a pointer towards the right/best thing to do should my code not be worthy. Thanks and heres my code:
<?php
$user_ip = $_SERVER['REMOTE_ADDR'];
$table_name = "loginattempts";
$query = "SELECT attempts FROM $table_name WHERE user_ip = '$user_ip'";
$result = mysql_query($query) or die("Invalid Login");
while($row = mysql_fetch_array($result)){
$count = $row['attempts'];
}
if($count == 3){
echo("Your login attempt is completed");
}else{
$insert = "INSERT INTO $table_name WHERE user_ip = '$user_ip'";
$result = mysql_query($insert);
$update = "UPDATE $table_name SET attempts = attempts + 1 WHERE user_ip = '$user_ip'";
$result = mysql_query($update);
}
$update = "UPDATE $table_name SET attempts = 0 WHERE lastlogin - NOW() = '60000'";
$result = mysql_query($update);
?>
Hi, I want to update user information in the database but it doesn't do anything. No data entered upon form submission. Please anyone if you can help would be great. Thank you. Code: [Select] <?php ini_set ("display_errors", "1"); error_reporting(E_ALL); $host = "";//edited out $database = ""; $username = ""; $password = ""; $tbl_name = "users"; $link = mysqli_connect($host, $username, $password); $conn = mysql_connect($host, $username, $password) or die("Could not connect: " . mysql_error()); mysql_select_db($database); session_start(); IF (isset($_SESSION['userid'])){ $userid=$_SESSION['userid']; echo $userid; } //$currentUser = $_SESSION['myusername']; //do some cleanup// IF (isset($_POST['submit'])){ $first = $_POST['first']; $last = $_POST['last']; $dob = $_POST['dob']; $gender = $_POST['gender']; $country = $_POST['country']; $state = $_POST['state']; $town = $_POST['town']; $zip = $_POST['zip']; $email = $_POST['email']; $first = mysql_real_escape_string( '$first'); $last = mysql_real_escape_string( '$last'); $dob = mysql_real_escape_string( '$dob'); $gender = mysql_real_escape_string( '$gender'); $country = mysql_real_escape_string( '$country'); $state = mysql_real_escape_string( '$state'); $town = mysql_real_escape_string( '$town'); $zip = mysql_real_escape_string( '$zip'); $email = mysql_real_escape_string( '$email'); }; IF (isset($_SESSION['userid'])){ $userid=$_SESSION['userid']; } ELSE{ $getuserid=mysql_query ("SELECT id FROM users ORDER BY id DESC limit 1") or die(mysql_error()); WHILE ($gtuserid = mysql_fetch_array($getuserid)) { $theuserid=$gtuserid['id']; $userid=$theuserid; $_SESSION['userid']=$theuserid; $userid=$_SESSION['userid']; }//$getuserid }// IF ELSE (isset($_SESSION['userid'])) /////UPDATE SECTION///// IF (isset($_POST['submit'])){ mysql_query ( "UPDATE users SET firstname='$first', lastname='$last', dob = '$dob', gender='$gender', country='$country', state='$state', town='$town', zip='$zip', email='$email' WHERE id=$userid") or die(mysql_error()); }//IF ($_POST['update']=="Update") ?> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>Connection</title> <style type="text/css"> body { font-family:Calibri; font-size:1em; } .title { font-size:1.6em; font-weight:strong; } .links a{ font-size::1.2em; text-decoration:none; } .links a:hover{ font-size::1.2em; color:#0066FF; text-decoration:none; } </style> </head> <body> <p><span class="title">Add your personal information/span></p> <form action="thebeast.php" method="post"> <p> <input type="text" name="first" size="20" id="first" /> First name<br /> <input type="text" name="last" size="20" id="name" /> Last name<br /> <input name="dob" type="text" size="20" id="dob" ; } ?> Date of Birth<br /> <input type="text" name="gender" size="20" id="gender" /> Gender <br /> <input type="text" name="country" size="20" id="country" /> Country<br /> <input type="text" name="state" size="20" id="state" /> State<br /> <input type="text" name="town" size="20" id="town" /> Town<br /> <input type="text" name="zip" size="20" id="zip" /> Zip Code<br /> <input type="text" name="email" size="40" id="email" /> Email<br /> <br /> <input type="submit" name="submit" value="Add your information" /> </form> </body> </html> I have a "Users" table. I would like to find out the average users sign up in total. This table has a "joined date" column so I can track how many users sign up in a single day. For e.g. August 16 - 10 users August 17 - 20 users Auguest 18 - 30 users The total average of user sign ups would be 20 users based on the above results. So I am wondering how can I create this function? This is my starting query.
$get_users = $db->prepare("SELECT user_id FROM users");
$get_users->execute();
$result_users = $get_users->fetchAll(PDO::FETCH_ASSOC);
if(count($result_users) > 0) {
foreach($result_users as $row) {
$user_id = $row['user_id'];
}
}
I manage to display data using below query that will show value for each month. How to calculate average value starting july onwards(based on user selection).
Let say the value for element 'A' are Jul=80, Aug= 80, Sep=90. If user select Aug then the average is 80 and if user select Sep then the average is 83.
Query:
$sql2 = "Select element, SUM(CASE WHEN Month = 'Jan' THEN total ELSE 0 END ) AS Jan, SUM(CASE WHEN Month = 'Feb' THEN total ELSE 0 END ) AS Feb, SUM(CASE WHEN Month = 'Mac' THEN total ELSE 0 END ) AS Mac, SUM(CASE WHEN Month = 'Apr' THEN total ELSE 0 END ) AS Apr, SUM(CASE WHEN Month = 'May' THEN total ELSE 0 END ) AS May, SUM(CASE WHEN Month = 'Jun' THEN total ELSE 0 END ) AS Jun, SUM(CASE WHEN Month = 'Jul' THEN total ELSE 0 END ) AS Jul, SUM(CASE WHEN Month = 'Aug' THEN total ELSE 0 END ) AS Aug, SUM(CASE WHEN Month = 'Sep' THEN total ELSE 0 END ) AS Sep, SUM(CASE WHEN Month = 'Oct' THEN total ELSE 0 END ) AS Oct, SUM(CASE WHEN Month = 'Nov' THEN total ELSE 0 END ) AS Nov, SUM(CASE WHEN Month = 'Dec' THEN total ELSE 0 END ) AS Dis FROM tbl_ma GROUP BY element"; $rs2 = mysql_query($sql2); $getRec2 = mysql_fetch_assoc($rs2);Below is how print the data:
<?php
while ($row = mysql_fetch_assoc($rs2)) {
?>
<tr>
<td style="color:black;background-color:#f5efef"><div align="left"><?php echo $row['element']; ?></div></td>
<?php if( $year != '2014' ){ ?>
<?php if( 1 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['Jan']; ?></div></td><?php endif; ?>
<?php if( 2 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['Feb']; ?></div></td><?php endif; ?>
<?php if( 3 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['Mac']; ?></div></td><?php endif; ?>
<?php if( 4 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['Apr']; ?></div></td><?php endif; ?>
<?php if( 5 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['May']; ?></div></td><?php endif; ?>
<?php if( 6 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['Jun']; ?></div></td><?php endif; ?>
<?php } ?>
<?php if( 7 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['Jul']; ?></div></td><?php endif; ?>
<?php if( 8 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['Aug']; ?></div></td><?php endif; ?>
<?php if( 9 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['Sep']; ?></div></td><?php endif; ?>
<?php if( 10 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['Oct']; ?></div></td><?php endif; ?>
<?php if( 11 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['Nov']; ?></div></td><?php endif; ?>
<?php if( 12 <= $monthID ): ?><td><div align="center" style="color:black"><?php echo $row['Dis']; ?></div></td><?php endif; ?>
<td><div align="center" style="color:black"><?php //echo average; ?></div></td>
</tr>
<?php } ?>
Hi there, I found a Javascript with what I want, but I want it to be in PHP because if people don't have Javascript enabled, they won't see the login. Here is what I have, but I need it to be converted to PHP: Code: [Select] function loginArea() { val = document.loginForm.password.value; switch(val) { case "password1": document.location = 'http://www.google.com/password1-page/'; break; case "password2": document.location = 'http://www.google.com/password2-page/'; break; default: document.location ='http://www.google.com/sorry/'; break; } } Code: [Select] <form name="loginForm" id="loginForm" method="post" action=""> <input name="password" type="text" id="password" maxlength="5" /> <input name="login" type="button" id="login" value="Check" onclick="loginArea()" /> </form> Help? - Steph I would really appreciate help and I hope my problem can be solved easily. I am attempting to display the date/time based on the user's location. I have installed the timezone.js plugin for help as well. Is there a way to convert the Jquery variable that displays the users timezone location and insert it inside the PHP date_default_timezone_set?
If there is an easier way to display the users timezone date and time please let me know otherwise this was the only solution I could find.
Thanks in advanced...
Here is my code
Header
<header>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.min.js"></script>
<script src="Time/detect_timezone.js"></script>
<script src="Time/jquery.detect_timezone.js"></script>
<script>
$(document).ready(function(){
$('#tzvalue').set_timezone({'default' : 'America/Los_Angeles'});
});
</script>
</header>
Hi! I'm attempting to do this and feel that I'm fairly close. Would you take a look and throw me any bones? PHP Code: Code: [Select] <?php if (isset($_POST['ppassword']) && (stristr($string,'') === TRUE)) { switch($_POST['ppassword']) { case "Google": header("Location: http://www.google.com"); exit(); case "Yahoo": header("Location: http://www.yahoo.com"); exit(); case "Bing": header("Location: http://www.bing.com"); exit(); } } ?> The Form: Code: [Select] <form name="portal" id="portal" method="post" action=""> <input name="ppassword" type="text" id="ppassword" maxlength="25" onfocus="this.select()" onblur="this.value=!this.value?'company name':this.value;" value="company name" onclick="this.value=''" /> <input name="login" type="submit" id="login" value="Continue" /> </form> I appreciate any of your help. I feel close and this part Code: [Select] (stristr($string,'') feels like the missing piece of the puzzle. Hello,
I'm embarking on a pretty ambitious task and I need some bits of information here and there.
One of the functions I need to achieve is to build a query or array of photos based on a background image and user input.
So imagine that I have a box and within that box is a column of three rows.
I need to have three different bits of data be placed into each of the subsequent rows and then an image is taken of these three pieces of data overlaying the background photo.
Then stored somewhere with an incremented identifier to be pulled later.
I think I can already begin to imagine how it would work but what eludes me is a "screenshot" function to generate the images. I'm looking for .png or .jpg end result files with fixed width/height and item placement.
Thank you for any help
So I'm trying to basically trying to make an "advanced search" function in PHP/mysql that will allow users to search by a number of different options like search by zipcode, username, gender, etc. Now my question is how do I vary my mysql query so that it searches for all these things based on whatever the user inputs? For example, the user might need to search zipcode and username but not gender, but in another case, might need to search username and gender, but not zipcode. Obviously I could just do some if/else statements, but that would be increasingly more difficult as there are more fields. What can I do? I have two tables. Table Name:Users Fields: User_name user_email user_level pwd 2.Reference Fields: refid username origin destination user_name in the users table and the username field in reference fields are common fields. There is user order form.whenever an user places an order, refid field in reference table will be updated.So the user will be provided with an refid Steps: 1.User needs to log in with a valid user id and pwd 2.Once logged in, there will be search, where the user will input the refid which has been provided to him during the time of order placement. 3.Now User is able to view all the details for any refid 3.Up to this we have completed. Query: Now we need to retrieve the details based on the user logged in. For eg: user 'USER A' has been provided with the referenceid '1234' during the time of order placement user 'USER B' has been provided with the referenceid '2468' during the time of order placement When the userA login and enter the refid as '2468' he should not get any details.He should get details only for the reference ids which is assigned to him. Hello, I had 8 select boxes(dropdowns) in a form. Its like a search kind of implementation in the website. I don't know what the user selects, he may choose different select boxes, any number of select boxes. So, based upon the user selection, I need to generate the data. The data fields to be generated would be almost same. So, How would I know what the user selection is and how many select boxes has been selected and how could I generate different data based upon selected boxes. I had to make a small note abt this, that the data generation fields may change for some of the user select combinations, but most of the result fields would be same. so, can you please help me out, how to do, how to make different combination data generations, because, i had 8 fields, i had to make 8! combinations, that would result in a big code. How can i play with these role in my database table as you can see here //I have a database table CREATE TABLE users ( id int(10) NOT NULL PRIMARY KEY AUTO_INCREMENT, urole varchar(10) ); in the role column, I have 2 roles first role is only used once but the sound one can be assigned to more than one user, now I want to check my table if the first role is already registered, then we can't register user with that role, also the second role can exist two or more times
//check role, a variable user role has been defined as
$urole = $_POST['urole'];
$check = $connect -> prepare('SELECT * FROM users WHERE urole = ?');
$check -> execute([$urole]); $checkfetch = $check -> fetch();
//I'm stacking here, I want to put $checkfetch['urole'] in rowCount() to be counted but I think this is not a correct way of using rowCount()
if(($checkfetch['urole'] == 'MainAdmin') && ($checkfetch ->rowCount() == 1)) {
echo 'This role can be used by only once!';
}
//another role
if(($checkfetch['urole'] == 'NormalAdmin') && ($checkfetch ->rowCount() < 4)) {
echo 'This role can be used 4 times only!';
}
Hello all! So glad I found this forum. I would appreciate some assistance please. I'm working on a filter for a Custom Post Type . I need it to filter the list depending on the user's role. The way this should work is the following...
* Users in roles "formusers1" and "formusers2" can post. Users can only see their own posts. So far I can filter by roles "formusers1" and "formusers2" using `$query->set('author', $current_user->ID);` . However, when try to filter the list for role "formchecker1" I see posts from all roles. What am I doing wrong? Here's the rest of the code. Thanks for checking out!
```
function filter_posts_list($query) {
//MY VARIABLES
//FILTERING
if (current_user_can('formchecker2') && ('edit.php' == $pagenow) && $typenow == 'mycustomcpt' ) {
if ((current_user_can('formusers1') || current_user_can('formusers2')) && ('edit.php' == $pagenow) && $typenow == 'mycustomcpt') {
Hi, I need code that reads from the roles database and then selects which file from these 3 which I want. For example, the user.php file would be loaded if the user has UName = user, Pass = 124, and Roles = User added to the database. But the admin.php and boss.php files would not appear to him.
<?php
session_start();
if(!(isset($_SESSION['User'])))
{
header("Location: index.php");
exit(0);
}
?>
<!DOCTYPE html>
<html>
<body>
<?php
include "config.php";
?>
<!--show for User-->
<?php include 'user.php';?>
<!--show for Admin-->
<?php include 'admin.php';?>
<!--show for Boss-->
<?php include 'boss.php';?>
</body>
</html>
I am having issues with my page. I am trying to send a email to a different address based on the entry that my user submits. Here is my form on my test page. Code: [Select] <form method=POST action=formdata.php> <table width="640" border=0 align="center"> <tr> <td align=right><b>Test</b></td> <td><input type=text name=test size=25></td> <td> </td> <td> </td> </tr> </table> </dl> <div align="center"> <p> <input type=hidden name=FA value=SendMail> </p> <input type=submit value="Submit Form"> </p> </div> </form> here is the php code for my formdata page Code: [Select] <?php $con = mysql_connect("localhost","test","test"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("test", $con); $sql="INSERT INTO formdata (test) VALUES ('$_POST[test]')"; if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } echo "Your Information Was Successfully Posted"; mysql_close($con); if ($_POST['test'] =="A"){ $to = "email@sample.com"; $subject = "Custom Form"; $message = $_POST['test'] ; $headers = "From: email@sample.com"; $sent = mail($to, $subject, $message, $headers) ; } else if ($_POST['test'] =="B"){ $to = "email2@sample.com"; $subject = "Custom Form"; $message = $_POST['test'] ; $headers = "From: email@sample.com"; $sent = mail($to, $subject, $message, $headers) ; } if($sent) {print "<p>Your mail was sent successfully"; } else {print "<p>We encountered an error sending your mail"; } ?> I need to know which day of week was on particular date, so for example I would provide date lets say "Nov 22, 2010" formatted as needed and the function would return "Monday", is there a function in php to do that or how can it be done? |
|||||||