11.5. Displaying Controls to Authorized Users

Your next steps are to modify update.inc.php to check whether the login credentials supplied via the login form are valid; if they are, you set $_SESSION['loggedin'] to 1, which causes all administrative links and actions to become available to the user.

In update.inc.php, you add an else if block that checks whether it was the POST method that submitted the login form. You do this by checking whether the value of $_POST['action'] is set to login and whether the values of the username and password fields were submitted with values.

If these criteria are met, you load the database credentials and open a connection. Next, you set up a SQL query that gets the number of matches found by comparing the ...

Get PHP for Absolute Beginners now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial