I'm creating a simple staff panel that consists of just about 10 pages and uses a single sql table. My sql table consists of user_id, user_name, user_email, password and rank
I'm trying to display specific content based on what the users rank is in the database although, I'm a very beginner at PHP so I'm not even sure if I'm pulling it from the database properly.
$sql = "SELECT user_name, user_email, user_password_hash, user_id, rank
FROM users
WHERE user_name = '" . $user_name . "' OR user_email = '" . $user_name . "';";
$result_of_login_check = $this->db_connection->query($sql);
// if this user exists
if ($result_of_login_check->num_rows == 1) {
// get result row (as an object)
$result_row = $result_of_login_check->fetch_object();
// using PHP 5.5's password_verify() function to check if the provided password fits
// the hash of that user's password
if (password_verify($_POST['user_password'], $result_row->user_password_hash)) {
// write user data into PHP SESSION (a file on your server)
$_SESSION['user_name'] = $result_row->user_name;
$_SESSION['rank'] = $result_row->rank;
$_SESSION['user_email'] = $result_row->user_email;
$_SESSION['user_login_status'] = 1;
This is my login.php file.
This is the code I'm using to try and display something to a specific rank.
I've managed to do it so it will display something depending on the users name which leads me to believe I haven't called rank properly.
<?php
if (isset($_SESSION['rank']) && $_SESSION['rank'] == admin) {
echo '<a href="/admin/" class="btn btn-danger">Admin</a>';
} else {
echo " ";
}
?>