Simple Admin User Session Approach

The log in / log out page

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Admin Log In</title>

<?php
if ( !isset($_SESSION))
	session_start();

//LOG IN URL:
//	www.my_domain.com/admin_login.php?adminid=somerandomgibberish
//LOG OUT URL:
//	www.my_domain.com/admin_login.php?adminid=0

if ( isset($_GET['adminid']) && ($_GET['adminid'] == "somerandomgibberish") )
{
	//LOG IN
	$_SESSION['userisadmin'] = "YES";
	header("Location: /index.php");
  die();
}
else
{
	//LOG OUT
	unset($_SESSION['userisadmin']);
}

?>
</head>

<body>
<p>
Please log in
</p>
</body>
</html>

 

Then In Pages That Want To Detect If User Is Admin

<?php
if ( !isset($_SESSION))
	session_start();

$user_is_admin = false;
if ($_SESSION['userisadmin'] == "YES")
	$user_is_admin = true;
?>

 

Feel free to comment if you can add help to this page or point out issues and solutions you have found. I do not provide support on this site, if you need help with a problem head over to stack overflow.

Comments

Your email address will not be published.