I am developing a website that requires several user types. I have been able to redirect the user types to different home pages based on user role/type after they log in. However, I need to restrict the Admin portion of the site to just admin role types. I am storing a “1” or “2” into the database based on user type/role. I am using the “session_start” and “session_is_registered” to check the user information. What do I need to add to this code to restrict users with a role type of “1” from seeing the page?
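session_start();
// session_is_registered() was removed in PHP 5.4; isset() on $_SESSION is the equivalent check.
if (!isset($_SESSION['username'])) {
    header('Location: ../admin/index.php');
    exit; // stop here, otherwise the rest of the page still runs after the redirect header
}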
Store the user's role in a session variable
or
depending on the stored user information.
Then when you check the permissions, you just check this variable:
Another piece of advice:
It would be better to check the permissions in ../admin/index.php and redirect back to the default page if the user does not have the admin role. Otherwise users might be able to directly browse to ../admin/index.php if they know the URL.
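One way to implement the check described in the answer above, as an added example that is not part of the original thread. It assumes that role "2" is the admin role and "1" a regular user, that the login script stores the database value in `$_SESSION['role']`, and that `../index.php` is the default page; the function and column names are hypothetical.

```php
<?php
// Added example, not code from the thread.
// Assumptions: role "2" is admin, role "1" is a regular user; the login code
// stores the database value in $_SESSION['role']; ../index.php is the default page.

const ROLE_ADMIN = '2';

/**
 * Called by the login script after the password has been verified.
 * $row is the user's database record (hypothetical column names).
 */
function establish_session(array $row): void
{
    session_regenerate_id(true);          // fresh session id once the user is authenticated
    $_SESSION['username'] = $row['username'];
    $_SESSION['role']     = (string) $row['role'];
}

/** Pure check: true only for a logged-in user whose stored role is admin. */
function is_admin(array $session): bool
{
    return isset($session['username'], $session['role'])
        && $session['role'] === ROLE_ADMIN;   // strict compare, no type juggling
}

/** Call at the very top of every page under ../admin/, before any output. */
function require_admin(string $fallback = '../index.php'): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    if (!is_admin($_SESSION)) {
        header('Location: ' . $fallback);
        exit;   // without exit the admin page would still be rendered after the header
    }
}

// This file plays the role of ../admin/index.php: the guard runs first.
require_admin();
// ... admin-only page content below ...
```

Because the guard lives in the admin page itself, a user who types the admin URL directly is still sent back to the default page.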