473,503 Members | 1,685 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Prevent form running for one particular user

170 New Member
Hi,

hope this is in the right topic...

Running php5 on apache. I've setup a site where people can login as "demo", "demo" and play around with the functions of the site. Part of the functionality involves uploading files, deleting/editing using standard form fields and storing data in Mysql.

I want people *not* to be able to delete things, or upload files bigger than 100KB when they're logged in as "demo". I'm wondering if there's a much easier way to accomplish this, than doing what's below with *every* place where data is added/deleted/updated (which is a lot of places).

Expand|Select|Wrap|Line Numbers
  1. if($user=="demo")
  2. {
  3. echo "Sorry. You cannot delete things in demo mode. Please continue to look around.";
  4. }
  5. else
  6. {
  7. // Do whatever normal stuff happens with the data
  8. }
  9.  
I was thinking of having a session variable which might restrict these things without having to alter the code on every page. Would that work?

I would appreciate any examples of how I could do this. Thanks.
Jun 23 '09 #1
6 1461
dlite922
1,584 Recognized Expert Top Contributor
Usually when I build large application with various user rights and permissions, I created user "roles". In this case the demo user would have a guest role or lowest role.

I design my app from the get-go with this in mind.

Another thing you can do is have switches for the various functionality to turn them off an on based on a config file. In your demo install, you would turn these off.

In summary, no you cannot escape this problem without making code changes, but I hope you learned a lesson for the next time. :)

Cheers,



Dan
Jun 23 '09 #2
Markus
6,050 Recognized Expert Expert
Assuming you have some roles/permissions set up, simply store the access level in their session. Anywhere that requires a specific access level, check it, and act on it appropriately.

Expand|Select|Wrap|Line Numbers
  1. // User signs in.
  2. $_SESSION['access_level'] =$user->access_level;
  3.  
  4. // Only certain people can delete.
  5. function delete() {
  6.     if($_SESSION['access_level'] < 4) {
  7.         return;
  8.     }
  9.  
  10.      // Do delete
  11. }
  12.  
Jun 23 '09 #3
beary
170 New Member
Thanks Markus for your code example. Dan, could you please say a little more about the config file idea? What does it involve?

Thanks

@dlite922
Jun 23 '09 #4
dlite922
1,584 Recognized Expert Top Contributor
All it involves is include() a php file that has constants in it.( define(UPLOAD_ON,true); // or false

In the code you say if (UPLOAD_ON) do upload, else echo "can't upload";

That's all.

Then when you install your site on a server you change this config file and change the values based on that install. (if the users don't have access to this file, ie they're not the owner of the site, which I think what your Demo scenario is)




Dan
Jun 23 '09 #5
beary
170 New Member
Right. I understand what you've said, but doesn't this just get me back to where I started, of still having to have an if statement at every point on the site where a decision is to be made? That's what I was trying to avoid... (unless I've misunderstood)

@dlite922
Jun 23 '09 #6
dlite922
1,584 Recognized Expert Top Contributor
@beary
Yes, if you go back, I stated:

no you cannot escape this problem without making code changes
If you want your program to behave. You can disable the upload functionality (for example) by changing the permissions so that the program "breaks" and doesn't successfully upload. This is hardly the type of thing you want to show in a demo though.





Dan
Jun 24 '09 #7

Sign in to post your reply or Sign up for a free account.

Similar topics
102
7272
Prevent IE users from copying or seeing copy toolbar?
by: me | last post by:
How do I prevent the save/print/email/mypictures toolbar from popping up when IE users place their cursor over photos at my website? Thank you in advance for your help. Signed, me
HTML / CSS
22
7525
How to prevent Access from closing
by: alecjames1 | last post by:
I have a form which the user must complete before closing. I have disabled the window x button and use my own exit button. When selected it checks to see if the user has completed the entries...
Microsoft Access / VBA
12
12895
Help: How to prevent moving to the new record when sub form is null?
by: swingingming | last post by:
Hi, in the NorthWind sample database, when clicking on the next navigation button on the new order record with nothing on the subform (order details), we got an order with nothing ordered. How can...
Microsoft Access / VBA
3
4884
'current custom error settings for application prevent details of application error from being viewed. '
by: Damian | last post by:
Hi everyone I'm having an issue with one of our applications. I'm getting the following error when attempting to log in to the site: Server Error in 'xxxxxxxxxxxxxxxx' Application....
ASP.NET
5
3678
How to Prevent Mouse Movement and Clicks From Reaching Control
by: Charles Law | last post by:
Sorry for reposting this question, but I did not get a single answer last time, and I'm sure you guys must have some thoughts on the matter. I have a user control which can be dragged and dropped...
Visual Basic .NET
7
8797
How to prevent code from being executed by the Designer?
by: Fabio Cannizzo | last post by:
How can I prevent a few lines of code contained in the constructor of a Form from being executed by the Designer? Thanks, Fabio
C# / C Sharp
3
4875
Prevent changes to records when viewing data thru a form
by: mfetterhoff | last post by:
Hello Experts.. Im checking out the other side of the tracks here.. always been a Systems Analyst kind of guy. Developers are a touchy and unpredictible lot. I try to give them their space and never...
Microsoft Access / VBA
3
5269
Prevent Paste
by: GarryJones | last post by:
I found this handy little script on the net that means the user can only press backspace or numbers in form input. <script type="text/javascript"> function numbersonly(e){ var...
Javascript
3
4631
Help Needed To Prevent Double Booking
by: Wayne | last post by:
I'm building a bookings database for trucks that among other things captures the TruckName, LoadDate, LoadTime, UnloadDate and UnloadTime. Is there a simple way to prevent double bookings for any...
Microsoft Access / VBA
0
7086
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
1
6991
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
7460
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
0
5578
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice
1
5014
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new...
Microsoft Access / VBA
0
4672
Couldn’t get equations in html when convert word .docx file to html file in C#.
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and...
C# / C Sharp
0
3167
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The...
Networking - Hardware / Configuration
0
1512
transfer the data from one system to another through ip address
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated ...
C# / C Sharp
1
736
muto222
How to add payments to a PHP MySQL app.
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
PHP

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us