仅允许特定用户使用codeigniter编辑/删除帖子

时间:2016-04-06 11:50:21

标签: php codeigniter session

我正在尝试编辑和删除特定用户的记录。我有想法但不知道如何实现它。

当管理员登录会话时也开始使用会话库。现在我将此会话数据发送到MODEL进行添加操作。

我正在存储admin_id的新学生数据。

现在重点是我想在我要编辑和删除记录时只显示数据是管理员谁的admin_id与学生数据一起存储。通过这个我能够编辑和删除特定用户的记录。并且super_admin可以编辑/删除所有记录。

我的控制器文件在用户登录时,我只发送带有会话的admin_id。

listing.php 

<?php
defined('BASEPATH') OR exit('No direct script access allowed');

class Listing extends CI_Controller {


public function __construct()
{
    parent::__construct();
    $this->load->model('student');
    $this->load->helper('url');
    $this->load->helper('form');
    $s = $this->session->userdata('admin_id');
    log_message('error', 'Some variable did not contain a value.');
}
public function index()
{
    $s = $this->session->userdata('admin_id');

    $this->load->model('student',$s);
   //$data['result'] = $this->student->listing();
    $students = $this->student->listing();/////new line delete [resulet]time 5:42 29/03/16
     //$this->load->view('list_view',$data); //// change here time 5:52 29/03/16
    $this->load->view('list_view',array('students'=>$students)); /////listing->list_view name change
}   
public function delete($id)
{

    $result = $this->student->delete_operation($id);
    $s = $this->session->userdata('admin_id');// session data call.
    //$data['result'] = $this->student->listing();
    $students = $this->student->listing();///new line 30/03 1230pm// change for list_view
    $this->load->view('list_view',array('students'=>$students));///same as above//change for list_view
    //$this->load->view('list_view',$data); ////////////////////////listing->list_view name change
} 

public function edit($id)
{               

    if($this->input->post('edit') && $this->input->post('edit_id')!='')
    {       


        $id = $this->input->post('edit_id');
        $data = array(

        'student_name' => $this->input->post('txt_name'),
        'student_email' => $this->input->post('txt_email'),          
        'student_address' => $this->input->post('txt_address'),
        'subject' => $this->input->post('subject'),
        'marks' => $this->input->post('marks'),

        );
        $result = $this->student->update_record($id,$data);
        header('location:'.base_url().'index.php/listing');       
    }

    if($id)
    {

        $result = $this->student->edit_record($id);   
        $data['action'] = 'edit';
        $data['student_id'] = $result[0]->student_id;
        $data['student_name'] = $result[0]->student_name;
        $data['student_email'] = $result[0]->student_email;
        $data['student_address'] = $result[0]->student_address;
        $data['subject'] = $result[0]->subject;
        $data['marks'] = $result[0]->marks;

    }

    $this->load->view('edit_student',$data);   
}   
public function add_student()
{       
    //$s['user'] = $this->session->userdata('admin_id');//get session data // new line30/03/16
    $data['student_id'] = '';
    $data['student_name'] = '';
    $data['student_email'] = '';
    $data['student_address'] ='';
    $data['subject'] = '';
    $data['marks'] = '';
    //$data['admin_id']=''; //new line 12:39 30/03/16
    $this->load->view('edit_student',$data);           
}

public function add()
{
    $data = array(
    'student_name' => $this->input->post('txt_name'),
    'student_email' => $this->input->post('txt_email'),          
    'student_address' => $this->input->post('txt_address'),
    'subject' => $this->input->post('subject'),
    'marks' => $this->input->post('marks'),
    'admin_id' => $this->input->post('admin_id')//new line 12:39 31/03
    );
    $result = $this->student->add_record($id,$data);
    header('location:'.base_url().'index.php/listing');
}
}

我的模特档案 的 student.php 

<?php
defined('BASEPATH') OR exit('No direct script access allowed');

class Listing extends CI_Controller {


public function __construct()
{
    parent::__construct();
    $this->load->model('student');
    $this->load->helper('url');
    $this->load->helper('form');
    $s = $this->session->userdata('admin_id');
    log_message('error', 'Some variable did not contain a value.');
}
public function index()
{
    $s = $this->session->userdata('admin_id');

    $this->load->model('student',$s);
   //$data['result'] = $this->student->listing();
    $students = $this->student->listing();/////new line delete [resulet]time 5:42 29/03/16
     //$this->load->view('list_view',$data); //// change here time 5:52 29/03/16
    $this->load->view('list_view',array('students'=>$students)); /////listing->list_view name change
}   
public function delete($id)
{

    $result = $this->student->delete_operation($id);
    $s = $this->session->userdata('admin_id');// session data call.
    //$data['result'] = $this->student->listing();
    $students = $this->student->listing();///new line 30/03 1230pm// change for list_view
    $this->load->view('list_view',array('students'=>$students));///same as above//change for list_view
    //$this->load->view('list_view',$data); ////////////////////////listing->list_view name change
} 

public function edit($id)
{               

    if($this->input->post('edit') && $this->input->post('edit_id')!='')
    {       


        $id = $this->input->post('edit_id');
        $data = array(

        'student_name' => $this->input->post('txt_name'),
        'student_email' => $this->input->post('txt_email'),          
        'student_address' => $this->input->post('txt_address'),
        'subject' => $this->input->post('subject'),
        'marks' => $this->input->post('marks'),

        );
        $result = $this->student->update_record($id,$data);
        header('location:'.base_url().'index.php/listing');       
    }

    if($id)
    {

        $result = $this->student->edit_record($id);   
        $data['action'] = 'edit';
        $data['student_id'] = $result[0]->student_id;
        $data['student_name'] = $result[0]->student_name;
        $data['student_email'] = $result[0]->student_email;
        $data['student_address'] = $result[0]->student_address;
        $data['subject'] = $result[0]->subject;
        $data['marks'] = $result[0]->marks;

    }

    $this->load->view('edit_student',$data);   
}   
public function add_student()
{       
    //$s['user'] = $this->session->userdata('admin_id');//get session data // new line30/03/16
    $data['student_id'] = '';
    $data['student_name'] = '';
    $data['student_email'] = '';
    $data['student_address'] ='';
    $data['subject'] = '';
    $data['marks'] = '';
    //$data['admin_id']=''; //new line 12:39 30/03/16
    $this->load->view('edit_student',$data);           
}

public function add()
{
    $data = array(
    'student_name' => $this->input->post('txt_name'),
    'student_email' => $this->input->post('txt_email'),          
    'student_address' => $this->input->post('txt_address'),
    'subject' => $this->input->post('subject'),
    'marks' => $this->input->post('marks'),
    'admin_id' => $this->input->post('admin_id')//new line 12:39 31/03
    );
    $result = $this->student->add_record($id,$data);
    header('location:'.base_url().'index.php/listing');
}
}

我的观看文件

listing.php //控制器和视图文件具有相同的名称。 

<?php
defined('BASEPATH') OR exit('No direct script access allowed');
?>

<!DOCTYPE html>
<!--[if lt IE 7]> <html class="lt-ie9 lt-ie8 lt-ie7" lang="en"> <![endif]-->
<!--[if IE 7]> <html class="lt-ie9 lt-ie8" lang="en"> <![endif]-->
<!--[if IE 8]> <html class="lt-ie9" lang="en"> <![endif]-->
<!--[if gt IE 8]><!--> <html lang="en"> <!--<![endif]-->
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<link rel="stylesheet" href="http://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css">
 <title>Login Form</title>  
</head>
<body>
<section class="container">
<div class="listing">

<a class="btn btn-default" href="<?php echo base_url(); ?>index.php/listing/add_student">Add</a>

<h1>student List </h1>
    <table style="width:100%" border="1">

    <tr>
            <th>Id</th>
            <th>student Name</th>
            <th>student Email</th>      
            <th>student Address</th>        
            <th>subject</th>
            <th>marks</th>
            <th>Action</th>
        </tr>
        <?php foreach($result as $r) { ?>
        <tr>
            <td><?php echo $r->student_id; ?></td>
            <td><?php echo $r->student_name; ?></td>
            <td><?php echo $r->student_email; ?></td>       
            <td><?php echo $r->student_address; ?></td>
            <td><?php echo $r->subject; ?></td>
            <td><?php echo $r->marks; ?></td>

            <td><a class="btn btn-default" href="<?php echo base_url(); ?>index.php/listing/edit/<?php echo $r->student_id; ?>" > Edit</a><a class="btn btn-default" href="<?php echo base_url(); ?>index.php/listing/delete/<?php echo $r->student_id; ?>" > Delete</a></td>
        </tr>
        <?php } ?>


    </table>
<a class="btn btn-primary" href="<?php echo base_url(); ?>index.php/admin_login/logout" role="button">Logout</a>

</section>   
</body>
</html>

1 个答案:

答案 0 :(得分:0)

你可以采用多种方式,简单的方法就像波纹管代码(编辑自己)

    if(!$this->session->userdata('User_id')==// specific user id ex: 1 or 0 ){

   // it will be blank so its shows nothing 

    }else{

    <td><a class="btn btn-default" href="<?php echo base_url(); ?>index.php/listing/edit/<?php echo $r->student_id; ?>" > Edit</a><a class="btn btn-default" href="<?php echo base_url(); ?>index.php/listing/delete/<?php echo $r->student_id; ?>" > Delete</a></td>

    }
相关问题
最新问题