I am interested in the best way to load content for each user type.
There is a variety of different suggestions on alternative SO posts.
For example, the most useful I have seen is this one:
session_start();
//For admin
$_SESSION['type'] = 'admin';
//For user
$_SESSION['type'] = 'user';
//if admin login we will check session and display admin content
if($_SESSION['type']=='admin'){
echo 'Admin content';
}
//if user login we will check session and display user content
if($_SESSION['type']=='user'){
echo 'User content';
}
Is this the best way to do it for a website with many pages? If I am interpreting the post correctly, the suggestion here is that every page of my website should get the user-id (so start with the same code above) and then echo specific HTML content based on that user?
Are there alternative methods?
Advertisement
Answer
What you’re doing is perfectly fine. Don’t stress on the small details. You could do this in a variety of ways:
if($_SESSION['type']=='user'){
include('includes/user_content.php'); // Ensure users can't access this file directly.
}
Additionally, you could just create something like an admin panel:
if($_SESSION['type']=='admin'){
echo '<a href="admin.php">Admin Panel</a>'; // Double check user is an admin in admin.php, and display admin only content there
}
Normally on most websites, you would include some header/footer, where you can do most of these checks in there (So you’re not repeating these checks on every page). For example:
// posts.php
include('header.php');
if ($user['isAdmin']) {
//Do admin stuff
}
// header.php
session_start();
$user = [];
$user['isAdmin'] = $_SESSION['type'] == 'admin';
$user['name'] = $_SESSION['name'];