PEAR CMS: Index and Delete Scripts - The code explained
(Page 4 of 4 )
All the scripts in the admin section of the site must have a security check that determines whether or not the currently logged-in user has administration level clearance. This page does exactly that, using PHP’s session information. If a user is not authenticated or does not have administrator level clearance, then the user will not be allowed to view the page. Instead, they will be redirected to the login page.
<?
session_start();
if($_SESSION['level']!=="admin"){
//redirect to login page
header(location:"login.php");
}
?>
The next part in this script creates the HTML portion of the page. The header part of the HTML includes a lot of elements, such as the style sheet and template definitions. Later on, a table is going to be created that will host the navigation panel. Also, a welcome message will be created and included in the HTML code:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/main.dwt.php" codeOutsideHTMLIsLocked="false" -->
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<!-- InstanceBeginEditable name="doctitle" -->
<title>Untitled Document</title>
<!-- InstanceEndEditable -->
<!-- InstanceBeginEditable name="head" -->
<!-- InstanceEndEditable -->
<link href="../Templates/pear.css" rel="stylesheet" type="text/css" />
</head>
<body>
<table width="100%" border="0" class="bord">
<tr class="header1">
<td colspan="2"><div align="center">Content Management System </div></td>
</tr>
<tr>
<td width="5%" valign="top"><!-- InstanceBeginEditable name="EditRegion4" -->
The HTML continues by building the navigation panel that contains the navigation links for the admin site. The navigation panel has four links:
Home – Links back to the admin home page.
List Authors – Lists all the authors in the database with maintenance options.
Add Authors – Enables administrators to add new authors.
Delete articles – Deletes articles.
<table width="100%" border="1">
<tr>
<td colspan="2" bgcolor="#0066FF"><strong>Section</strong></td>
</tr>
<tr>
<td class="nav">Logout </td>
<td><img name="" src="" width="32" height="32" alt="" /></td>
</tr>
<tr>
<td colspan="2" class="nav"><a href="index.php">Home</a></td>
</tr>
<tr>
<td colspan="2" class="nav">List Authors </td>
</tr>
<tr>
<td colspan="2" class="nav"><a href="authors.php">Add Authors</a></td>
</tr>
<tr>
<td colspan="2" class="nav"><a href="delete.php">Delete articles </a></td>
</tr>
</table>
The final part of the HTML code includes the welcome message and then closes the HTML tags and tables:
<!-- InstanceEndEditable --></td>
<td width="95%" valign="top"><!-- InstanceBeginEditable name="EditRegion3" -->
<p class="title">Welcome to the Admin Section of the Content Management System</p>
<!-- InstanceEndEditable --></td>
</tr>
<tr class="copy">
<td colspan="2">©2008</td>
</tr>
</table>
</body>
<!-- InstanceEnd --></html>
-></html>
Don't forget to check back next week for the conclusion to this series!
| DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware. |
/ 2 
