w3hello.com logo
Home PHP C# C++ Android Java Javascript Python IOS SQL HTML videos Categories
How do I authenticate a 'super user' to access information on a user's behalf?

You could add a "superuser" or "user_level" column to your user database and add that to the session when you login.

Then you can check before you execute a delete:

if ( 
     ($_SESSION['current_user_id'] === $id_to_be_deleted)
     || ($_SESSION['superuser'] === 1)
   )
                                    ^ for example...  
{
  // delete

(loads of new-lines and parenthesis in an attempt to make it clear...)





© Copyright 2018 w3hello.com Publishing Limited. All rights reserved.