stackoom
  简体   繁体   中英

Restrict Access Page for Particular user in PHP

 原文  2015-08-07 04:08:42       php/ mysql

Question

There are 3 users in my database 

id username  password
 1  bhaku     123
 2  navin     124
 3  avinash   123

I want restrict page access. User 'bhaku' will able to access the Page after login. & another users cannot access by loggin in or directly.

I used below code; 

session_start();
    if($_SESSION["full_name"]!="bhaskar")
            {
            header('Location: index.php');
            }

but its throwing "Indirect Loops" error.

and any user can access the page.

So what's the solution?

5 answers

solution1
 0  2015-08-07 04:15:56

    create one more row in ur table with name access as shown below 

    id username  password access
     1  bhaku     123       0
     2  navin     124       1
     3  avinash   123       1

    now allow user to view the page depending on the access value
    example
session_start();
      if($_SESSION["access"]!=0)
                {
                header('Location: index.php');
                }

    Hope it helps.

solution2
 0  2015-08-07 04:35:37

Rather than restrict by username; i think you have to restrict by it's id as you have already assigned for it; the thing you have to make is;

Create session of id as well;

session_start(); if($_SESSION["user_id"]!==1 OR isset($_SESSION["user_id"])) { header('Location: index.php'); exit; }

solution3
 0  2015-08-07 04:46:41

Create a row in the database named Page access or something you like. Then insert a flag value like 0 for unblocked and 1 for blocked. 

  username     access
    jijo          0
    user1         1

On top of the page , Query the db and check whether the flag is 0 or 1 and store the value in the session if you want to use it in more than 1 page. If the flag is 1 it means user is blocked, then redirect the user to any other page.

solution4
 0  2017-03-30 11:25:20

try to print the name of the $['full_name'] and make sure you are getting what you are expecting to get.

the check using 

<?php
session_start();
    if(isset($_SESSION['full_name'] && $_SESSION['full_name'] == "bhaskaran") 
    {
    // redirect where you want to move this user
       header('Location: index.php');
       exit;
    } 
?>

One more point is that it would be easier to redirect using id rather than name because name can be in uppercase and it might be subject to potential security issue.

If you have similar group of people whom you want to provide extra access then as mentioned about create a separate field which stores their access rights. Set it to 1 or anything you want and include it in the if () clause to check if that is also set or not.

I hope this would help you. Please, let me know if you need any further information.

solution5
 -1  2015-08-07 04:13:37

You method should work. Try reversing. 

session_start();

if(isset($_SESSION["full_name"]) && $_SESSION["full_name"] =="bhaskar"){

  //your content

}
else
header('Location: index.php');

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question PHP - Restrict access to admin page for logged on user How to restrict a particular user to access the particular webpage restrict page access in php Restrict access to page - PHP Restrict access to page with PHP Restrict User For Folder Access in php PHP: Cannot restrict access to page PHP Restrict Access To Admin Page Unless Logged In How to Restrict Access to a Page with PHP if statement Restrict PHP page from specific user
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM