I talked to a coder friend who has much MySQL and PHP knowledge about creating a MySQL query that could restrict access to admin areas of my site to different level of admins. I have already implemented techniques listed in the link below however I would like to upgrade that.
Link: http://community.elgg.org/mod/groups/topicposts.php?topic=214432&group_guid=211069
My problem is that when I want to add a new full admin to my server, I have to update almost 50 files containing code like:
if ($_SESSION['user']->guid == 2){?>
<a href="<?php echo $vars['url']; ?>pg/settings/user/<?php echo $vars['entity']->username; ?>/"><?php echo elgg_echo('profile:editdetails'); ?></a>
<?php }
If I could I would like to make that "If" code check for multiple levels of admins like a code below:
if (mysql_query("SELECT * FROM db WHERE userid='$_SESSION['user']->guid' AND level='2'") || mysql_query("SELECT * FROM db WHERE userid='$_SESSION['user']->guid' AND level='3'"){?>
<a href="<?php echo $vars['url']; ?>pg/settings/user/<?php echo $vars['entity']->username; ?>/"><?php echo elgg_echo('profile:editdetails'); ?></a>
<?php }
Now I know I did not probally type that code correctly but you get the idea... I have a MySQL table called "elggadminlevels" containing columns "userid" and "level" If you could please help me create this "MySQL check for admin levle ID" I would deeply ppreciate it :) I know I've had a lot of question before but I'm a MySQL and PHP newbie, especially in Elgg :D Thank you for all of your help :)
P.S. Instead of that long code maybe we could somehow create a param for "$adminlevel2check" and do like
if ($adminlevel2check || $adminlevel3check){?>
<a href="<?php echo $vars['url']; ?>pg/settings/user/<?php echo $vars['entity']->username; ?>/"><?php echo elgg_echo('profile:editdetails'); ?></a>
<?php }
instead idk just an idea probally not posible though :( If you have any question please do not hessitate to ask :)
info@elgg.org
Security issues should be reported to security@elgg.org!
©2014 the Elgg Foundation
Elgg is a registered trademark of Thematic Networks.
Cover image by RaĆ¼l Utrera is used under Creative Commons license.
Icons by Flaticon and FontAwesome.
- DhrupDeScoop@Dhrup2000
DhrupDeScoop - 0 likes
- 1gbram@1gbram
1gbram - 0 likes
You must log in to post replies.strange.. i don't remember discussing any sql query code ;-)
I was looking to implememnet this sql query code insetead of what we discussed. Updating what we discussed is getting really out of hand.