<?php
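/**
 * Report whether the logged-in user belongs to the admin user group.
 *
 * Reads the username stored in the session (set by login.php per the original
 * author's note), looks the account up through the shared $db handle from
 * connect.php, and checks its usergroup column. Every failure path returns
 * false, so a missing session, a failed query or an unknown user is never
 * treated as an administrator.
 *
 * @return bool true only when the user's usergroup is 1.
 */
function isAdmin()
{
    global $db; // Shared PDO handle created in connect.php.

    // Fail closed: without a usable session username there is nobody to authorise.
    if (!isset($_SESSION['username']) || !is_string($_SESSION['username']) || $_SESSION['username'] === '') {
        return false;
    }
    $user = $_SESSION['username'];

    // The named placeholder keeps the username out of the SQL text. Only the
    // usergroup column is selected, so the rest of the user row (whatever
    // else user_table holds) is never loaded for an authorisation check.
    $funct = $db->prepare("SELECT usergroup FROM user_table WHERE username = :username");

    // The constant is PDO::PARAM_STR; the listing's "PDO:ARAM_STR" was a garbled
    // copy of it and does not parse.
    $funct->bindValue(':username', $user, PDO::PARAM_STR);

    // In silent error mode execute() returns false instead of throwing.
    if (!$funct->execute()) {
        return false;
    }

    // fetch() returns false when no row matches; indexing that value would
    // raise a warning and the result should simply be "not an admin".
    $result = $funct->fetch(PDO::FETCH_ASSOC);
    if (!is_array($result) || !isset($result['usergroup'])) {
        return false;
    }

    // Drivers may return the column as an int or a numeric string; compare the
    // string form strictly so values such as "1abc" cannot pass a loose == 1.
    return (string) $result['usergroup'] === '1';
}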
?>
<?php
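/**
 * Tell the caller whether the current session user is an administrator.
 *
 * The username comes from $_SESSION and the lookup goes through the global
 * $db handle (defined in connect.php according to the original comment).
 * The function returns a boolean; the caller decides what to display for
 * admins and non-admins. Any problem along the way yields false.
 *
 * @return bool true when the matching row has usergroup 1, false otherwise.
 */
function isAdmin()
{
    global $db; // Needed so the function can reach the handle from connect.php.

    // No session username means no identity to check, so deny.
    $hasUser = isset($_SESSION['username'])
        && is_string($_SESSION['username'])
        && $_SESSION['username'] !== '';
    if (!$hasUser) {
        return false;
    }

    // Prepared statement with a bound parameter: the username is sent as data
    // and never concatenated into the query. Selecting only usergroup avoids
    // pulling the whole account row into memory for a permission check.
    $funct = $db->prepare("SELECT usergroup FROM user_table WHERE username = :username");

    // "PDO:ARAM_STR" in the listing is a mangled PDO::PARAM_STR and is a parse
    // error as written.
    $funct->bindValue(':username', $_SESSION['username'], PDO::PARAM_STR);

    // execute() signals failure with false unless PDO is set to throw.
    if ($funct->execute() === false) {
        return false;
    }

    // A username with no matching row makes fetch() return false.
    $result = $funct->fetch(PDO::FETCH_ASSOC);
    if ($result === false || !is_array($result) || !isset($result['usergroup'])) {
        return false;
    }

    // Strict comparison on the string form accepts int 1 and "1" only.
    return (string) $result['usergroup'] === '1';
}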
?>