Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /* page access */
- $page_access = ['admin','reseller'];
- if (!in_array($_SESSION['user_role'], $page_access)) {
- // $user cannot access this page, I should give warning or redirect to somewhere else
- // die('Error: Unauthorized Access');
- }
- /* data access */
- function get($data_id) {
- if ($_SESSION['user_role'] == 'admin') {
- $sql = "SELECT * FROM 'table' WHERE `data_id` = {$data_id}";
- }
- if ($_SESSION['user_role'] == 'user') {
- $sql = "SELECT * FROM 'table' WHERE `username` = '" . $_SESSION['username'] . "' AND `data_id` = {$data_id}";
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement