add authentication
@@ -12,6 +12,14 @@
|
|||||||
* This view adds the main layout over the screen.
|
* This view adds the main layout over the screen.
|
||||||
* Header and menu.
|
* Header and menu.
|
||||||
*/
|
*/
|
||||||
|
include_once ("../queries/user.php");
|
||||||
|
|
||||||
|
$userinfo = getRoleByID($_SESSION['userID'])->fetch(PDO::FETCH_ASSOC);
|
||||||
|
|
||||||
|
if ($userinfo['role'] != 'admin' AND $userinfo['role'] != 'owner') {
|
||||||
|
header("location:profile.php");
|
||||||
|
}
|
||||||
|
|
||||||
include("../views/main.php");
|
include("../views/main.php");
|
||||||
|
|
||||||
/* Add your view files here. */
|
/* Add your view files here. */
|
||||||
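Review bot: The redirect inside the new role check is not followed by `exit;`, so after `header("location:profile.php");` the script keeps running and still reaches `include("../views/main.php");` and the view files below it; a client that ignores the Location header is still sent the restricted page. Change the branch body to `header("Location: profile.php"); exit;`. The check also reads `$_SESSION['userID']` without confirming it is set, and `fetch()` returns `false` when the ID matches no row, so the condition would be safer written to fail closed explicitly, e.g. `if (!is_array($userinfo) || !in_array($userinfo['role'], ['admin', 'owner'], true)) {`. Whether the session has been started before this point is not visible in the hunk.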
|
|||||||
@@ -370,3 +370,18 @@ function countSomeUsers($search) {
|
|||||||
$q->execute();
|
$q->execute();
|
||||||
return $q;
|
return $q;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function getRoleByID($userID) {
|
||||||
|
$stmt = $GLOBALS['db']->prepare("
|
||||||
|
SELECT
|
||||||
|
`role`
|
||||||
|
FROM
|
||||||
|
`user`
|
||||||
|
WHERE
|
||||||
|
`userID` = :userID
|
||||||
|
");
|
||||||
|
|
||||||
|
$stmt->bindParam(':userID', $userID);
|
||||||
|
$stmt->execute();
|
||||||
|
return $stmt;
|
||||||
|
}
|
||||||
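Review bot: `getRoleByID()` has no doc comment and returns the executed statement rather than the role, so every caller that makes an access decision has to know that `fetch()` yields `false` when the ID matches no row. Add a docblock above the function, for example `/** Runs the role lookup for $userID and returns the executed PDOStatement; fetch() gives false when no such user exists, which callers must treat as "no privileges". */`. Since the value is only read, `$stmt->bindValue(':userID', $userID);` states the intent better than `bindParam`, which binds by reference. Returning the statement matches `countSomeUsers()` just above, so this is a documentation point and not a request to change the return type.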
@@ -2,6 +2,7 @@
|
|||||||
<?php
|
<?php
|
||||||
require_once ("../queries/user.php");
|
require_once ("../queries/user.php");
|
||||||
require_once ("../queries/group_page.php");
|
require_once ("../queries/group_page.php");
|
||||||
|
|
||||||
?>
|
?>
|
||||||
<!-- function test_input taken from http://www.w3schools.com/php/php_form_validation.asp -->
|
<!-- function test_input taken from http://www.w3schools.com/php/php_form_validation.asp -->
|
||||||
<?php
|
<?php
|
||||||
|
|||||||