Example file: example4.php.
We need to prevent our page from being edited without authorization. In this step, we prepare a login page that performs a user check. You can try the example by opening login.php from your browser.
Please login using:
Email: you@example.com
Password: 123
In our final CMS project, you will be able to change the default login email and password.
http://localhost/mysite/login.php
The login page is querying a table called users to check if a user exists. If it exists, two session variables will be set:
Please note that, actually you can use a single $_SESSION[‘userid’] variable to indicate that a user has logged-in, but for flexibility and future improvement, we also have $_SESSION[‘authorized’]. This can be used for further authorization, for example: only the author can edit the page, etc.
We will not show the login.php code here. It basically contains a simple HTML form and an sql query for checking users table.
Now we can check the user session on our page to see if a user has logged in.
session_start(); $authorized = false; if(empty($_SESSION['userid'])==false) { $authorized = $_SESSION['authorized']; }
Here we have an $authorized variable that can have values true (user logged-in) or false (user not logged-in). Then we modify our previous code by adding $authorized variable in the checking before entering editing mode:
<?php if($authorized && $edit=='y'){ ?> <link href="dist/gridlessbuilder.css" rel="stylesheet" type="text/css" /> <?php } ?>
<?php if($authorized && $edit=='y'){ ?> <script src="assets/lang/en.js"></script> <script src="dist/gridlessbuilder.min.js"></script> ... <?php } ?>
If logged-in:
http://localhost/mysite/example4.php?edit=y
For the complete code and to try the example, please open in your browser: example3.php. If you have logged-in, you can enter the editing mode using the querystring example4.php?edit=y. But if not logged-in, you will only see the page in viewing mode.
If not logged-in:
http://localhost/mysite/example4.php?edit=y
Note: to logout, you can open logout.php. This page will simply clear all the sessions.
About | Privacy | Delivery & Return
Copyright © 2021 Insite Mitra Inovindo. All Rights Reserved.