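/**
 * Report whether the current session belongs to an administrator account.
 *
 * Reads $_SESSION['username'], runs the users query and returns true only
 * when the last fetched row carries the same login as the session user and
 * a user_type of 1. A missing or non-string session value, an unusable
 * connection or a failed query all return false, so the check fails closed.
 *
 * @return bool True only for a matching login whose user_type is 1.
 */
public function check_administrator()
{
    // Test the key before reading it; reading first raises an undefined-index
    // notice for visitors who have no session username.
    if (!isset($_SESSION['username']) || !is_string($_SESSION['username'])) {
        return false;
    }
    $username = $_SESSION['username'];

    $dbc = new DbConnexion();
    $c = $dbc->connect();
    if (!is_object($c)) {
        // No usable connection handle: deny rather than fail on query().
        return false;
    }

    // NOTE(review): the login literal appears masked in this listing. If the
    // real statement is built from the session username, bind it through a
    // prepared statement instead of placing it inside the SQL string.
    $sql = "SELECT * FROM users where login='******'";
    $rows = $c->query($sql);
    if (!is_object($rows)) {
        // query() returned no result set (for example false on error);
        // calling fetch_assoc() on it would be a fatal error.
        return false;
    }

    $login = "";
    $usertype = 0;
    // When several rows match, the last one decides.
    while ($row = $rows->fetch_assoc()) {
        $login = $row["login"];
        $usertype = (int) $row["user_type"];
    }

    // Strict comparison: loose == lets PHP's type juggling treat unrelated
    // values as equal, which is not acceptable in an authorization decision.
    return $login === $username && $usertype === 1;
}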
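<?php
// Session gate for the product management page. Both files are required
// rather than included so a missing file stops the request immediately:
// check_session.php is loaded for CheckSession, connexion.php for DbConnexion.
require_once '../../security/check_session.php';
require_once '../../config/connexion.php';

$cs = new CheckSession();
if (!$cs->check_user_session()) {
    // NOTE(review): DOCUMENT_ROOT is a filesystem path, so this Location value
    // is not a URL the browser can follow. It should be the site-relative URL
    // of the login page; confirm the intended target before changing it.
    header("Location:" . $_SERVER['DOCUMENT_ROOT'] . './index.php');
    // header() only queues the redirect. Without exit the rest of this page is
    // still executed and sent to a visitor who has no valid session.
    exit;
}

$dbc = new DbConnexion();
$c = $dbc->connect();
?>
<?php include '../header.php'; ?>
<!-- BEGIN PAGE CONTAINER -->
<div class="page-container">
    <!-- BEGIN PAGE HEAD -->
    <div class="page-head">
        <div class="container">
            <!-- BEGIN PAGE TITLE -->
            <div class="page-title">
                <h1> Product Management <small>List, add, delete and update products</small> </h1>
            </div>
            <!-- END PAGE TITLE -->
            <!-- BEGIN PAGE TOOLBAR -->
            <div class="page-toolbar">
                <!-- BEGIN THEME PANEL -->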