Jump to content



Photo
- - - - -

Chapter 13 Administrator - Access Denied

access denied not admin

  • Please log in to reply
10 replies to this topic

#1 slimpundit

slimpundit

    Newbie

  • Members
  • Pip
  • 11 posts

Posted 30 December 2011 - 12:14 PM

I'm working through chapter 13 now. I just finished the listing quotes and editing quotes sections on pages 396-403. I've added the ...is_administrator function. I'm signed into my computer (windows 7) as the administrator but the error message pops up for both view quotes and edit quotes saying access is denied. If i'm the administrator, why am i not getting access to these pages? I checked the control panel settings to verify that I am signed on as administrator.

If anyone could help, I'd appreciate it.
  • 0

#2 Larry

Larry

    Administrator/Writer

  • Administrators
  • 3,959 posts
  • LocationState College, PA (USA)

Posted 30 December 2011 - 1:54 PM

The is_administrator() function has nothing whatsoever to do with your Windows 7 account. That PHP function checks for a site administrator, which is verified by logging in through the site.
  • 0

#3 slimpundit

slimpundit

    Newbie

  • Members
  • Pip
  • 11 posts

Posted 30 December 2011 - 4:05 PM

Larry,

Somehow, I knew this would be an easy fix. Logged in and it works fine. I've tried to work with some other books but didn't get much out of them. This book is great! I've recommended it to my class and will continue working through the entire series. Thanks for the book(s) and the website. They have both been really helpful.

Slim
  • 0

#4 Larry

Larry

    Administrator/Writer

  • Administrators
  • 3,959 posts
  • LocationState College, PA (USA)

Posted 30 December 2011 - 4:53 PM

Thank you very much, Slim, for the nice words. Are you an instructor or a student? And where?
  • 0

#5 slimpundit

slimpundit

    Newbie

  • Members
  • Pip
  • 11 posts

Posted 1 January 2012 - 1:53 PM

Larry,
I'm a student at the College of Southern Nevada. Just finished up my AAS in web design and will continue studying CS at UNLV in the fall of 2012. I took a class that emphasized php and javascript and had to do a project. This book is the only reason that I was able to complete my project.
Slim
  • 0

#6 Larry

Larry

    Administrator/Writer

  • Administrators
  • 3,959 posts
  • LocationState College, PA (USA)

Posted 2 January 2012 - 11:41 AM

Excellent. Thanks again for the nice words and good luck with your studies!
  • 0

#7 kir

kir

    Newbie

  • Members
  • Pip
  • 5 posts

Posted 10 June 2014 - 2:50 PM

Ok, I can not log in on my own site?  I have access premitted for user (myself) on go daddy data base?  I can sign in under me@example.com password testpass.  Here's my code:

<?php
/* This page lets people log into the site. */
 
// Set tow variable with default values:
$loggedin = false;
$error = false;
 
 
//Check if the form has been submitted:
if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
 
    // Handle for form:
    if (!empty($_POST['email']) && !empty($_POST['password'])) 
    {
        
        if ( (strtolower($_POST['email']) == 'me@example.com') && ($_POST['password'] == 'testpass') )
        {
            // Correct!
            
                // Create the cookie
                setcookie('Sade', 'Adu', time()+3600);
                
                // Indicate they are logged in:
                $loggedin = true;
                
        }else{ // Incorrect!
            
                $error = 'The submitted email address and password do not match those on file!';
        }
    }else{ // Forgot a field.
            $error = 'Please make sure you enter both an email address and a passoword!';
}
}
    // Set the page title and include the header file:
    define('TITLE', 'Login');
    include('template/header.html');
    
    // Print an error if one exist
    if ($error)
    {
        print '<p class="error">' . $error .  '</p>';
    }
    
    // Indicate the user is logged in, or show the form:
    if ($loggedin)
    {
        
        print '<p>You are now logged in!</p>';
        
    }else{
    
        print '<h2>Login Form</h2>
        <form action="login.php" method="post">
        <p><label>Email Address <input type="text" name="email" /></label></p>
        <p><label>Password<input type="password" name="password" /></label></p>
        <p><input type="submit" name="submit" value="Log In!" /></p></form>';
    }
     include('template/footer.html');
     // Need the footer
    ?>

  • 0

#8 kir

kir

    Newbie

  • Members
  • Pip
  • 5 posts

Posted 11 June 2014 - 9:49 AM

I need help, please.  My database and tables and created.  I can not login as administrator and I can't figure out how to. I can't view add or edit a quote because I am not the administrator.    I have tried everything I know.  I am showing that my cookies are created. 


  • 0

#9 Larry

Larry

    Administrator/Writer

  • Administrators
  • 3,959 posts
  • LocationState College, PA (USA)

Posted 11 June 2014 - 10:09 PM

That exact code only allows me@example.com/testpass to login. It doesn't use a database. It doesn't have administrators. 


  • 0

#10 kir

kir

    Newbie

  • Members
  • Pip
  • 5 posts

Posted 12 June 2014 - 8:20 AM

So, if I change that code to my email and password I would still only be able to log in as a user and not as an admin.  How do I log in as an admin, Lar?  I've gone over everything a million times but can't figure it out.


  • 0

#11 mogosselin

mogosselin

    Newbie

  • Members
  • Pip
  • 1 posts

Posted 12 June 2014 - 8:03 PM

You see this line:

 if ( (strtolower($_POST['email']) == 'me@example.com') && ($_POST['password'] == 'testpass') )

It says :

If the input field named "email" contains me@example.com AND the input field named "password" contains "testpass", create cookie and set the variable $testpass = true

 

The $_POST['email'] array will be set to whatever field named "email" is posted from the form. Same thing with the $_POST['password']. so if you have an input field like this: <input type="text" name="email">, well the $_POST['email'] will contains the value entered in that field.

 

Now, there's nothing accessing a database in the code you posted, so changing anything in any database won't have any effect on how the code you pasted here works.

 

But, if you change the line with the hardcoded email and password to whatever you want, yes, it'll work.


  • 0