I'm kinda newbie to php and may be is quite simple but I need some help on this task.
I have login login form for my Admin panel. I also have database and table users set and everything works fine so far. What I want to do is one SuperAdmin which I already have it. This superadmin have full access and no limits. He can see full datas in database.
Now I whant to have 3-4 more admins where every admin have access to his rows. For example now I have table houses with inserted ids 1,2,3,4. SuperAdmin has access to four id and he can see, edit, delete, update them.
Now here need another admin which will see only row with id=1. Another admin wich will see row with id=2 and so on. In other words each admin will have his records in database and must see only them.
<?php
ob_start();
session_start();
if(isSet($_POST['submit'])) {
include('misc/db.inc.php');
$username = $_POST['username'];
$password = sha1($_POST['password'] );
$query = mysqli_query($con, "SELECT * FROM users WHERE username='".addSlashes($username)."' AND password='".addSlashes($password)."'");
$res = mysqli_num_rows($query);
if ($res == 1) {
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
$_SESSION['userobj'] = mysqli_fetch_assoc($query);
header('Location: main.php');
exit;
} else {
echo 'error';
}
} else {
?>
In table users I've make new row userType where superadmin is with 1 and other admins are with 5.
How can I continue now? I guess I need some check for usertype while login. But after login how to give on each admin only the row of his access?
