Home/ Questions/Q 7764589
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-01T14:57:02+00:00

I have an admin system and a user system on my website. Some data

  • 0

I have an admin system and a user system on my website. Some data on the user system will not change, but the admin data will change instead. So I was wondering if there was a way to restrict the admin session (when they login) only to the admin directory (/admin), so that it does not interfere with the rest of my website?

Thanks,

Lucas

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    There are many ways to handle something like this. Probably the easiest is to check the permissions and $_SERVER['REQUEST_URI'], and if the user isn’t in the admin/ area, redirect into it.

    // Assuming you've saved an admin flag in session
// and the user request URI doesn't contain admin/
if ($_SESSION['admin'] === TRUE && !preg_match('/admin\//' $_SERVER['REQUEST_URI'])) {
  // redirect into the admin/ area
  header("Location: http://example.com/admin");
  exit();
}

    Update:

    By popular request, here’s the reverse to enforce an admin login in the admin/ directory

    if ((!isset($_SESSION['admin'] || $_SESSION['admin'] === FALSE)  && preg_match('/admin\//' $_SERVER['REQUEST_URI'])) {
  // redirect out of the admin/ area
  header("Location: http://example.com/");
  exit();
}

    Actually, assuming the admin pages are separate scripts, you don’t really need the preg_match() in this part. But if you have an MVC pattern where the admin script may not actually be served from a file in the admin directory, use the regex match.

    • 0