How To Control User Access in a PHP Application
ฝัง
- เผยแพร่เมื่อ 8 ก.ย. 2024
- In this video we review code that allows us to restrict unauthorized users from accessing specific pages on your website.
Full Course
Udemy (Discount Coupon Attached): bit.ly/udemy-mo...
SkillShare (2 Months Free Premium Access): skl.sh/3897t8m
___________________________________________________________________
I am a Software Engineer and Instructor. I can provide professional development services or private code coaching sessions to help you to accomplish your profesisonal or personal IT goals.
Check out my content on Social Media
Website: www.trevoirwil...
Instagram: / trevthetrevwill
Facebook: / trevoirwilliams
LinkedIn: / trevoirwilliams
Check out some free courses below:
Microsoft SQL Server 2017 for Everyone! - Database Development Course
• Microsoft SQL Server 2...
PHP Bootstrap 4, Heroku and MySQL Course
• PHP Bootstrap 4, Herok...
PHP Development with Bootstrap, GitHub and Heroku
• PHP Development with B...
Modern PHP Web Development with MySQL, GitHub and Bootstrap 4
• Modern PHP Web Develop...
C# - Basics Uncovered
• C# - Basics Uncovered
Enterprise C# Winforms Application Development
• Enterprise C# Winforms...
Introduction To Website Technologies
• Introduction To Websit...
Check out my premium courses on Udemy
End to End ASP.NET Core 3.1 API and Blazor Development
www.udemy.com/...
C# Console and Windows Forms Development with LINQ & ADO.NET
www.udemy.com/...
Complete ASP.Net Core 3.1 and Entity Framework Development
www.udemy.com/...
Modern PHP Web Development w/ MySQL, GitHub & Heroku
www.udemy.com/...
Microsoft SQL Server Development for Everyone!
www.udemy.com/...
Very well explained! Thankyou for not having too much fluff that is too common in tutorial videos. Even not having the rest of the pages available, I was still able to implement this correctly.
Thats great to hear Maria. I always try to keep it simple and functional. I am glad you liked it.
top job, man. saved me a lot of trouble. you won't believe how hard it is to find clear guides to do this!! I googled for like 2 hours collectively
Thanks for the endorsement. I am glad this video helped!
@@TrevoirWilliams yeah, man, it's a simple thing for sure for someone who knows this stuff, but I'm rather old at 30 years old getting into this and there has been no one to exactly show me how to do this. also a lot of good content, your work does not go unappreciated 👍
and obviously subbed!
I appreciate it man. If you have any suggestions or requests, just let me know
Wow! Man you are a great teacher! You explained the session auth so clear and fast … Thank you!
I am happy to help Liviu
You are a complete legend Trevoir. So simple a fix and really well explained. Cheers mate.
I am happy to be able to help Terry. Thanks for the endorsement !
Passing information fast and simply 👍
Thank you so much, your tutorials are awesome
Happy to help
This is so cool, i've learn so much. But i have a question and a task. How do I set restrictions for registored user with, lets say a button instead of writting the username and password in the code directly ($user->inseruser(admin,password).
Im trying to use a button to add admin but i am stuck and dont' know what to do
You can create a form for user creation (restrict it to admin access, of course), and then when a valid submission is made, you insert that new user into the system with the admin user type flags.
Outside of that, consider that they need to set a password, or you can generate a password and send it to the new user via email. That could be more secure, but it's an excellent way to start.
You can also use a standard password, and at the time of login, if they use that password, you force them to reset it.
Omg, finally, you saved me sir! Thank you so much!
You're most welcome!
Really great videos...could you do a video on roles...anxiously anticipating...
Hey Tyrone, this is a good suggestion. I will do one soon.
Thanks for this tutorial.
Thanks.
My own issue is that when I login it will say login successful and hang there without redirecting me to the dashboard.
How can I fix this issue?
Can you share the redirect code? The error might be in how it was written
Thank you for help!
You're welcome!
how to do this thing on particular button
Likewise the user just wants to visit website
Only apply the check on the pages that you want to protect.
what if i open the application and login in some other browser....? this won't prevent me from logging in again there using same creds!
Hello Aseem. This very simple implementation will not prevent that. That will require more complex checks to ensure that doesn't happen.
Dumb question: What prevents a user that logs in with a valid sesion, to modify - by using the browser tools - the value of userid in order to act as a different one ?
There are no dumb questions. The user id value is stored as a session, which is stored on the server. Without direct access, this will not be very easy to do. That being said, you have valid security concerns and there are certainly better ways to handle authentication scenarios.
@@TrevoirWilliams Thank you very much for the straight forward reply. Not being stored on the client side is reassuring as I'm using such an authentication and deciding post-login what to show on the page, according to user logged in. It wouldn't do if a user could impersonate another.
But one problem I am facing that if someone gets logged in then if by other tab we try to access that page it gets accessed why?
Ashwith, The session you create is stored by the browser, so it will remember that it is signed in. You would need to enhance the login approach to do other things.
hi, I really have a challenge here. This work perfect on localhost but the restricted page doesn't show if i upload my files to the cpanel. It keeps showing the login page after entering the correct login credential. Can you help me out?
:)
Hello, are you changing out the connection string to reflect the remote database and if yes, then are you sure that the same users exist on both side with the same password?
thank you :)
You're most welcome
Can we get the source code?
You can find the course code here: github.com/trevoirwilliams/attendance-php
@@TrevoirWilliams thank you.
my own doesn't access ooo
What error are oyu getting?