I want only the administrator to be able to click on a certain link, and if a normal member clicks it, it would show "you are not authorized".
However, the page shows no matter who logs in, what is wrong with my codes?
<?php
session_start();
$HOST = 'localhost';
$USERNAME = 'root';
$PASSWORD = '';
$DB = 'c203';
//check if user is admin (role = 1)
if ($_SESSION['role'] == ‘member’) {
echo("You don't have sufficient rights to do so.<br />");
} else {
}
$link = mysqli_connect($HOST, $USERNAME, $PASSWORD, $DB) or die(mysqli_connect_error());
?>
However, the page shows no matter who logs in, what is wrong with my codes?
<?php
session_start();
$HOST = 'localhost';
$USERNAME = 'root';
$PASSWORD = '';
$DB = 'c203';
//check if user is admin (role = 1)
if ($_SESSION['role'] == ‘member’) {
echo("You don't have sufficient rights to do so.<br />");
} else {
}
$link = mysqli_connect($HOST, $USERNAME, $PASSWORD, $DB) or die(mysqli_connect_error());
?>