Home/ Questions/Q 3974736
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-20T04:36:11+00:00

I’m working on a project. suppose If Admin click on approved checkbox, then account

  • 0

I’m working on a project. suppose If Admin click on approved checkbox, then account is activated using ajax. and if admin click on banned checkbox, then user deactivated from database.
I don’t know what is the best way to do this. Any advice thanks you so much.

This is checkbox for approved.

<input type="checkbox" id="q" value="<?php echo $userid;?>" onchange="User(this.value)"/>
<input type="hidden" name="doAction" id="doAction" value="Approved" />

This is checkbox for approved.

<input type="checkbox" id="q" value="<?php echo $userid;?>" onchange="User(this.value)"/>
<input type="hidden" name="doAction2" id="doAction2" value="Banned" />

And this is my ajax short code

if('Approved' == doAction) 
{

    xmlhttp.open("GET","adminPanel.php?q="+str+"&doAction="+doAction,true);
    xmlhttp.send();
}
else if ('Banned' == doAction2) 
{


    xmlhttp.open("GET","adminPanel.php?q="+str+"&doAction="+doAction2,true);
    xmlhttp.send();
}
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Yes, that is a reasonable way to do it. Though you shouldn’t output the userid value in the form and rely on that to authorize the user. Because you cannot trust that the “q” parameter specifies the correct user. Instead you should check what userid the users session cookie corresponds to. If that userid is just a normal user and not the admin, that user can obviously not ban other users. Then, as always, validate the doAction parameter in adminPanel.php or else you’ll open yourself up to SQL injection attacks.

    Also check out jQuery which makes it much easier to do AJAX calls.

    • 0