Jump to content
Please Use CODE Tags

Limiting who can edit post and comments

shadowss
By shadowss
in Programming
 Share
Posted

hello im a student and are trying to get my program to make it so only the person that has written the post is able to edit it but honestly not sure how to we have done so everyone can edit it and so you can only edit it when a person is logged in(doesen't have to be the user) but thats about the limit so im now asking if any of you have an idea as what to do i would be expecting it to be something to do with sessions but honestly not sure 
ill send the code for editing post here thanks in advance for help im also only allowed to use php, html and javascript 
  

<?php
// lavet af ida, troels og jonas
require_once '/var/www/wits.ruc.dk/db.php';
session_start(); // her starter vi en session
if (isset($_SESSION['brugernavn'])) {
$pid = $_GET["pid"];  // definere pid fra post
$uid = $_GET["uid"];  // definere uid fra post
$post = get_post($pid); // vores get_post så vi har adgang til hvad der er i vores post 

if (empty($pid)) { // if statement til at sige hvis du ikke har pid så vis echo 
  echo "Udfyld venligst et pid i URL'en";
}
else {  // hvis vi har pid så skal den bare give os det nedenstående 

$title = $post["title"];  // definere yderligere title fra post
$content = $post["content"];  // definere yderligere content fra post  
$postuid = $post["uid"];  // definere yderligere uid fra post  

if (!empty($pid)) { // if statement til at sige hvis du har pid så vis de 2 echo i if statement 
  echo $post["title"];
  echo $post["content"];
}

if ($uid === $postuid) {  // if statement til at sige hvis uid er lig med uid i post så udskriv det nedenfor 

?>

<!DOCTYPE html>
<html>
<head>
    <title>Opret Indlæg</title>
</head>
<body>
    <h1>Opret Indlæg</h1>
        <main>
            <form action="rediger.php" method="GET">  <!-- form for at  link til vores php document-->
                <label for="uid">Uid:</label> <!-- vores uid label -->
                <input type="hidden" name="uid" id="uid" value="<?php echo $postuid; ?>" required>  <!-- input som uid label tager er gemt fra bruger-->
                <br>
                <input type="hidden" name="pid" id="pid" value="<?php echo $pid; ?>" required>  <!-- input som pid label tager er gemt fra bruger-->
                <br>
                <label for="title">Titel:</label>
                <input type="text" name="title" id="title" value="<?php echo $title; ?>" required> <!-- input som title label tager -->
                <br>
                <label for="content">Indhold:</label>
                <textarea name="content" id="content" rows="4" cols="50" required> <?php echo $content; ?> </textarea> <!-- input som content label tager -->
                <br>
                <button type="submit" name="modifybutton" >Submit</button>  <!-- vores button som vi bruger php til at ændre opslag på serveren-->

            </form>
        </main>

</body>
</html>
<?php
}
 }
  }
?>

this is the first document now the second document that works together with this one 
  

<?php
// lavet af ida, troels og jonas
require_once '/var/www/wits.ruc.dk/db.php';
session_start(); // her starter vi en session

    $addbutton = $_GET["addbutton"];	// definere addbutton fra post
    $modifybutton = $_GET["modifybutton"];	// definere modifybutton fra post
		$pid = $_GET["pid"];	// definere pid fra post
		$uid = $_GET["uid"];	// definere uid fra post
		$title = $_GET["title"];	// definere title fra post
		$content = $_GET["content"];	// definere content fra post


if (isset($modifybutton)) {		// if statement så vi kan ændre i post hvis vi har modifybutton tilgængelig 
	modify_post($pid,$title,$content);	// for at modify vores post
}

if (isset($addbutton)) {
	add_post($uid,$title,$content);
}


?>

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

I think this comparison you're doing... 

($uid === $postuid)

would be the key to that feature, at a basic level. You'd want to check to make sure the user id of the logged in user matches the user id which made the post. You may want this in a function that returns a simple true/false, so it can be used wherever you need it, for whatever post you need it for.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
29 minutes ago, undergroundbeef said:

I think this comparison you're doing... 

($uid === $postuid)

would be the key to that feature, at a basic level. You'd want to check to make sure the user id of the logged in user matches the user id which made the post. You may want this in a function that returns a simple true/false, so it can be used wherever you need it, for whatever post you need it for.

thank you this helped me a lot think i have looked at code for too long been about 8-9 hours by now with only 1 break 

Link to comment
Share on other sites
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Programming

×