堆棧內存溢出
  簡體   English   中英

只允許特定用戶使用 codeigniter 編輯/刪除帖子

[英]Only allow specific user to edit/delete post using codeigniter

 原文  2016-04-06 11:50:20       php/ codeigniter/ session

問題描述

我正在嘗試編輯和刪除特定用戶的記錄。我有想法但不知道如何實現?。

當管理員登錄會話時也開始使用會話庫。 現在我將此會話數據發送到正在進行添加操作的模型。

有了新的學生數據,我也存儲了 admin_id。

現在的重點是,當我要編輯和刪除記錄時,我只想顯示數據,即 admin_id 的管理員與學生數據一起存儲。 通過這個,我可以編輯和刪除特定用戶的記錄。 super_admin 可以編輯/刪除所有記錄。

我在這個控制器文件中,當用戶登錄時,我只發送帶有會話的 admin_id。

清單.php

<?php
defined('BASEPATH') OR exit('No direct script access allowed');

class Listing extends CI_Controller {


public function __construct()
{
    parent::__construct();
    $this->load->model('student');
    $this->load->helper('url');
    $this->load->helper('form');
    $s = $this->session->userdata('admin_id');
    log_message('error', 'Some variable did not contain a value.');
}
public function index()
{
    $s = $this->session->userdata('admin_id');

    $this->load->model('student',$s);
   //$data['result'] = $this->student->listing();
    $students = $this->student->listing();/////new line delete [resulet]time 5:42 29/03/16
     //$this->load->view('list_view',$data); //// change here time 5:52 29/03/16
    $this->load->view('list_view',array('students'=>$students)); /////listing->list_view name change
}   
public function delete($id)
{

    $result = $this->student->delete_operation($id);
    $s = $this->session->userdata('admin_id');// session data call.
    //$data['result'] = $this->student->listing();
    $students = $this->student->listing();///new line 30/03 1230pm// change for list_view
    $this->load->view('list_view',array('students'=>$students));///same as above//change for list_view
    //$this->load->view('list_view',$data); ////////////////////////listing->list_view name change
} 

public function edit($id)
{               

    if($this->input->post('edit') && $this->input->post('edit_id')!='')
    {       


        $id = $this->input->post('edit_id');
        $data = array(

        'student_name' => $this->input->post('txt_name'),
        'student_email' => $this->input->post('txt_email'),          
        'student_address' => $this->input->post('txt_address'),
        'subject' => $this->input->post('subject'),
        'marks' => $this->input->post('marks'),

        );
        $result = $this->student->update_record($id,$data);
        header('location:'.base_url().'index.php/listing');       
    }

    if($id)
    {

        $result = $this->student->edit_record($id);   
        $data['action'] = 'edit';
        $data['student_id'] = $result[0]->student_id;
        $data['student_name'] = $result[0]->student_name;
        $data['student_email'] = $result[0]->student_email;
        $data['student_address'] = $result[0]->student_address;
        $data['subject'] = $result[0]->subject;
        $data['marks'] = $result[0]->marks;

    }

    $this->load->view('edit_student',$data);   
}   
public function add_student()
{       
    //$s['user'] = $this->session->userdata('admin_id');//get session data // new line30/03/16
    $data['student_id'] = '';
    $data['student_name'] = '';
    $data['student_email'] = '';
    $data['student_address'] ='';
    $data['subject'] = '';
    $data['marks'] = '';
    //$data['admin_id']=''; //new line 12:39 30/03/16
    $this->load->view('edit_student',$data);           
}

public function add()
{
    $data = array(
    'student_name' => $this->input->post('txt_name'),
    'student_email' => $this->input->post('txt_email'),          
    'student_address' => $this->input->post('txt_address'),
    'subject' => $this->input->post('subject'),
    'marks' => $this->input->post('marks'),
    'admin_id' => $this->input->post('admin_id')//new line 12:39 31/03
    );
    $result = $this->student->add_record($id,$data);
    header('location:'.base_url().'index.php/listing');
}
}

我的模型文件student.php

<?php
defined('BASEPATH') OR exit('No direct script access allowed');

class Listing extends CI_Controller {


public function __construct()
{
    parent::__construct();
    $this->load->model('student');
    $this->load->helper('url');
    $this->load->helper('form');
    $s = $this->session->userdata('admin_id');
    log_message('error', 'Some variable did not contain a value.');
}
public function index()
{
    $s = $this->session->userdata('admin_id');

    $this->load->model('student',$s);
   //$data['result'] = $this->student->listing();
    $students = $this->student->listing();/////new line delete [resulet]time 5:42 29/03/16
     //$this->load->view('list_view',$data); //// change here time 5:52 29/03/16
    $this->load->view('list_view',array('students'=>$students)); /////listing->list_view name change
}   
public function delete($id)
{

    $result = $this->student->delete_operation($id);
    $s = $this->session->userdata('admin_id');// session data call.
    //$data['result'] = $this->student->listing();
    $students = $this->student->listing();///new line 30/03 1230pm// change for list_view
    $this->load->view('list_view',array('students'=>$students));///same as above//change for list_view
    //$this->load->view('list_view',$data); ////////////////////////listing->list_view name change
} 

public function edit($id)
{               

    if($this->input->post('edit') && $this->input->post('edit_id')!='')
    {       


        $id = $this->input->post('edit_id');
        $data = array(

        'student_name' => $this->input->post('txt_name'),
        'student_email' => $this->input->post('txt_email'),          
        'student_address' => $this->input->post('txt_address'),
        'subject' => $this->input->post('subject'),
        'marks' => $this->input->post('marks'),

        );
        $result = $this->student->update_record($id,$data);
        header('location:'.base_url().'index.php/listing');       
    }

    if($id)
    {

        $result = $this->student->edit_record($id);   
        $data['action'] = 'edit';
        $data['student_id'] = $result[0]->student_id;
        $data['student_name'] = $result[0]->student_name;
        $data['student_email'] = $result[0]->student_email;
        $data['student_address'] = $result[0]->student_address;
        $data['subject'] = $result[0]->subject;
        $data['marks'] = $result[0]->marks;

    }

    $this->load->view('edit_student',$data);   
}   
public function add_student()
{       
    //$s['user'] = $this->session->userdata('admin_id');//get session data // new line30/03/16
    $data['student_id'] = '';
    $data['student_name'] = '';
    $data['student_email'] = '';
    $data['student_address'] ='';
    $data['subject'] = '';
    $data['marks'] = '';
    //$data['admin_id']=''; //new line 12:39 30/03/16
    $this->load->view('edit_student',$data);           
}

public function add()
{
    $data = array(
    'student_name' => $this->input->post('txt_name'),
    'student_email' => $this->input->post('txt_email'),          
    'student_address' => $this->input->post('txt_address'),
    'subject' => $this->input->post('subject'),
    'marks' => $this->input->post('marks'),
    'admin_id' => $this->input->post('admin_id')//new line 12:39 31/03
    );
    $result = $this->student->add_record($id,$data);
    header('location:'.base_url().'index.php/listing');
}
}

我的視圖文件

listing.php // 控制器和視圖文件同名。

<?php
defined('BASEPATH') OR exit('No direct script access allowed');
?>

<!DOCTYPE html>
<!--[if lt IE 7]> <html class="lt-ie9 lt-ie8 lt-ie7" lang="en"> <![endif]-->
<!--[if IE 7]> <html class="lt-ie9 lt-ie8" lang="en"> <![endif]-->
<!--[if IE 8]> <html class="lt-ie9" lang="en"> <![endif]-->
<!--[if gt IE 8]><!--> <html lang="en"> <!--<![endif]-->
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<link rel="stylesheet" href="http://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css">
 <title>Login Form</title>  
</head>
<body>
<section class="container">
<div class="listing">

<a class="btn btn-default" href="<?php echo base_url(); ?>index.php/listing/add_student">Add</a>

<h1>student List </h1>
    <table style="width:100%" border="1">

    <tr>
            <th>Id</th>
            <th>student Name</th>
            <th>student Email</th>      
            <th>student Address</th>        
            <th>subject</th>
            <th>marks</th>
            <th>Action</th>
        </tr>
        <?php foreach($result as $r) { ?>
        <tr>
            <td><?php echo $r->student_id; ?></td>
            <td><?php echo $r->student_name; ?></td>
            <td><?php echo $r->student_email; ?></td>       
            <td><?php echo $r->student_address; ?></td>
            <td><?php echo $r->subject; ?></td>
            <td><?php echo $r->marks; ?></td>

            <td><a class="btn btn-default" href="<?php echo base_url(); ?>index.php/listing/edit/<?php echo $r->student_id; ?>" > Edit</a><a class="btn btn-default" href="<?php echo base_url(); ?>index.php/listing/delete/<?php echo $r->student_id; ?>" > Delete</a></td>
        </tr>
        <?php } ?>


    </table>
<a class="btn btn-primary" href="<?php echo base_url(); ?>index.php/admin_login/logout" role="button">Logout</a>

</section>   
</body>
</html>

1 個解決方案

解決方案1
 0  2016-04-06 12:24:06

很多方法可以做到,簡單的方法就像波紋管代碼(自己編輯)

    if(!$this->session->userdata('User_id')==// specific user id ex: 1 or 0 ){

   // it will be blank so its shows nothing 

    }else{

    <td><a class="btn btn-default" href="<?php echo base_url(); ?>index.php/listing/edit/<?php echo $r->student_id; ?>" > Edit</a><a class="btn btn-default" href="<?php echo base_url(); ?>index.php/listing/delete/<?php echo $r->student_id; ?>" > Delete</a></td>

    }

暫無
暫無

聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.

相關問題 Codeigniter-僅允許特定用戶編輯/刪除帖子 只允許帖子的EXACT用戶對其進行編輯 Codeigniter - 僅在仍創建狀態時允許編輯或刪除 只允許作者使用ACF在yii2中編輯他的帖子 Codeigniter-僅當用戶在數據庫中創建條目時才允許用戶從數據庫中刪除 在CodeIgniter中使用AJAX刪除帖子 cakephp 3允許用戶僅編輯其個人資料 Codeigniter僅以用戶身份編輯自己的配置文件 如何僅允許管理員使用 laravel 刪除/編輯用戶信息? 允許使用.htaccess對codeigniter中的特定控制器進行身份驗證
相關標簽
 
粵ICP備18138465號  © 2020-2024 STACKOOM.COM