CODEWITHSUNDEEP
php
user11452076
user11452076

Reputation:

Check if the user has role in sessions (PHP)

For a school project I'm looking if I can get the user role from the session (I have a role ID, but need to show data ONLY if the user has the correct role ID).

This is my code, but somehow only the first 'if' statement works...

<!-- check what role the user has and show data specifically for that user -->
    <?php 
        if(isset($_SESSION['userRole']) == 1){
            echo "<h3 class='dashboard-welcome'>Welkom " . $_SESSION["userRole"] . "</h3> "; 
            echo "<p>Jouw rol is Algemene Medewerker </p>";
        } 
        else if(isset($_SESSION['userRole'] )  == 2){
            echo "<h3 class='dashboard-welcome'>Welkom " . $_SESSION["userName"] . "</h3>";
            echo "<p>Jouw rol is Medewerker Inname</h3><p>";
        } 
        else if(isset($_SESSION['userRole']) == 3){
            echo "<h3 class='dashboard-welcome'>Welkom " . $_SESSION["userName"] . "</h3>";
            echo "<p>Jouw rol is Medewerker Verwerking</p>";
        } 
        else if(isset($_SESSION['userRole'])  == 4){
            echo "<h3 class='dashboard-welcome'>Welkom " . $_SESSION["userName"] . "</h3>";
            echo "<p>Jouw rol is Medewerker Uitgifte</p>";
        } 
        else if(isset($_SESSION['userRole']) == 5){
            echo "<h3 class='dashboard-welcome'>Welkom " . $_SESSION["userName"] . "</h3>";
            echo "<p>Jouw rol is Applicatie Beheerder</p>";
        } 
        else if(isset($_SESSION['userRole']) == 6){
            echo "<h3 class='dashboard-welcome'>Welkom " . $_SESSION["userName"] . "</h3>";
            echo "<p>Jouw rol is Administrator</p>";
        }
        else {
           echo "<p>you are logged out</p>";
        } 
        
    ?>

Upvotes: 0

Views: 930

Answers (3)

SteveTz
SteveTz

Reputation: 242

You can you and operator like this;

if(isset($_SESSION['userRole']) and $_SESSION['userRole']== 1){
        echo "<h3 class='dashboard-welcome'>Welkom " . $_SESSION["userRole"] . "</h3> "; 
        echo "<p>Jouw rol is Algemene Medewerker </p>";
    }
...

isset function avoids the warning if the session does not exist

Upvotes: 0

Professor Abronsius
Professor Abronsius

Reputation: 33813

In addition to the comment made previously regarding isset - that function returns a boolean so you can test for truthy values but not equate to a particular value as you do above. isset will take either a single or multiple values - "If multiple parameters are supplied then isset() will return TRUE only if all of the parameters are set. Evaluation goes from left to right and stops as soon as an unset variable is encountered"

There seems to be some duplication in the above code( not to mention the incorrect use of isset - I'd be tempted to rewrite that a little like this:

<?php 

    if( isset( $_SESSION['userRole'], $_SESSION["userName"] ) ){
        switch( (int)$_SESSION['userRole'] ){
            case 1:$message='Jouw rol is Algemene Medewerker'; break;
            case 2:$message='Jouw rol is Medewerker Inname'; break;
            case 3:$message='Jouw rol is Medewerker Verwerking';break;
            case 4:$message='Jouw rol is Medewerker Uitgifte';break;
            case 5:$message='Jouw rol is Applicatie Beheerder';break;
            case 6:$message='Jouw rol is Administrator';break;
        }
        
        
        printf('
            <h3 class="dashboard-welcome">Welkom %s</h3>
            <p>%s<p>',
            $_SESSION["userName"],
            $message
        );
    }else{
        echo "<p>you are logged out</p>";
    }
?>

An alternative using an array to lookup the role

    if( isset( $_SESSION['userRole'], $_SESSION['userName'] ) ){
    
        $i=(int)$_SESSION['userRole'];
        
        $roles=array(
            1=>'Algemene Medewerker',
            2=>'Medewerker Inname',
            3=>'Medewerker Verwerking',
            4=>'Medewerker Uitgifte',
            5=>'Applicatie Beheerder',
            6=>'Administrator'
        );
        
        printf('
            <h3 class="dashboard-welcome">Welkom %s</h3>
            <p>Jouw rol is %s<p>',
            $_SESSION["userName"],
            $roles[$i]
        );
    }else{
        echo "<p>you are logged out</p>";
    }

I assumed that >Welkom " . $_SESSION["userRole"] . " was a mistake and also there was a stray </h3> tag in 2nd piece of logic ( after: isset($_SESSION['userRole'] ) == 2 )

Upvotes: 1

DonKnacki
DonKnacki

Reputation: 427

You have 2 solutions :

  1. create a table of users roles:
$users_roles = array(
1 => "Algemene Medewerker",
2 => "Medewerker Inname",
3 => "Medewerker Verwerking",
4 => "Medewerker Uitgifte",
5 => "Applicatie Beheerder",
6 => "Administrator"
);

and then use it directly

<?php 
if(isset($_SESSION['userRole'])) {
    echo "<h3 class='dashboard-welcome'>Welkom " . $_SESSION["userName"] . "</h3>";
    echo "<p>Jouw rol " .  $users_roles[$_SESSION['userRole']] . "</p>";
}
?>
  1. modify $_SESSION['userRole'] to set real value ("Algemene Medewerker", "Medewerker Inname"...) and not integer

Upvotes: 0

Related Questions