Creating multi user role based admin using PHP Mysql and bootstrap


Multi user role based application login in php mysqli, How do I set privileges in PHP,  User and Grant Privileges For PHP Code, multi user form login

What is multi user role based admin?

For beginners, let me explain what this article is all about. Suppose you have online shopping cart. You have several employees, each with their own role. that is, some are responsible for data transmission (data carriers), others for customer support and others for sales. In this case you don’t want all modules / data to be available for every module. So you have to assign roles to them and then they have the privilege to only have limited data access.
I won’t be creating a full admin panel in this tutorial. I will show you a trick with MySQL database and PHP logic to create a multi-user administrator. 

Follow the steps below.

  1. Create Database and Table by SQL query
  2. Create Database Connection file.
  3. Create Sign Up HTML Form with role in PHP
  4. Create administrator Login HTML Form with PHP
  5. Create administrator Dashboard page after login success with Role 
  6. Create administrator Logout page in PHP
Multi user role based application login in php mysqli, How do I set privileges in PHP,  User and Grant Privileges For PHP Code, multi user form login
Multi user role based application login in php mysqli, How do I set privileges in PHP,  User and Grant Privileges For PHP Code, multi user form login

1. Create Database and Table by SQL query

-- Database: `webscodex`
-- --------------------------------------------------------
-- Table structure for table `admins`
--

CREATE TABLE `admins` (
`id` int(11) NOT NULL PRIMARY KEY AUTO_INCREMENT,
`name` varchar(100) NOT NULL,
`username` varchar(100) NOT NULL,
`password` varchar(100) NOT NULL,
`role` varchar(100) NOT NULL,
`created` timestamp NOT NULL DEFAULT current_timestamp() ON UPDATE current_timestamp()
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;

--
-- Dumping data for table `admins`
--

INSERT INTO `admins` (`id`, `name`, `username`, `password`, `role`, `created`) VALUES
(1, 'manish', 'manish123', '21232f297a57a5a743894a0e4a801fc3', 'super_admin', '2021-01-23 09:51:05'),
(2, 'akol', 'akol123', '21232f297a57a5a743894a0e4a801fc3', 'admin', '2021-01-24 05:41:25'),
(3, 'kamal', 'kamal123', '21232f297a57a5a743894a0e4a801fc3', 'manager', '2021-01-23 09:57:54');

2. Create Database Connection file in PHP

config.php
<?php

// Database configuration
$hostname = "localhost";
$username = "root";
$password = "";
$dbname = "webscodex";

// Create database connection
$con = new mysqli($hostname, $username, $password, $dbname);

// Check connection
if ($con->connect_error) {
die("Connection failed: " . $con->connect_error);
}

?>

3. Create Sign Up HTML Form with role in PHP

index.php
<?php

// Include database connection file

include_once('config.php');

if (isset($_POST['submit'])) {

$username = $con->real_escape_string($_POST['username']);
$password = $con->real_escape_string(md5($_POST['password']));
$name = $con->real_escape_string($_POST['name']);
$role = $con->real_escape_string($_POST['role']);

$query = "INSERT INTO admins (name,username,password,role) VALUES ('$name','$username','$password','$role')";
$result = $con->query($query);

if ($result==true) {
header("Location:login.php");
die();
}else{
$errorMsg = "You are not Registred..Please Try again";
}

}

?>

<!DOCTYPE html>
<html lang="en">
<head>
<title>Multi user role based application login in php mysqli</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
<script type="text/javascript" src="https://code.jquery.com/jquery-3.5.1.min.js"></script>
</head>
<body>

<div class="card text-center" style="padding:20px;">
<h3>Multi user role based application login in php mysqli</h3>
</div><br>

<div class="container">
<div class="row">
<div class="col-md-3"></div>
<div class="col-md-6">
<?php if (isset($errorMsg)) { ?>
<div class="alert alert-danger alert-dismissible">
<button type="button" class="close" data-dismiss="alert">&times;</button>
<?php echo $errorMsg; ?>
</div>
<?php } ?>
<form action="" method="POST">
<div class="form-group">
<label for="name">Name:</label>
<input type="text" class="form-control" name="name" placeholder="Enter Name" required="">
</div>
<div class="form-group">
<label for="username">Username:</label>
<input type="text" class="form-control" name="username" placeholder="Enter Username" required="">
</div>
<div class="form-group">
<label for="password">Password:</label>
<input type="password" class="form-control" name="password" placeholder="Enter Password" required="">
</div>
<div class="form-group">
<label for="role">Role:</label>
<select class="form-control" name="role" required="">
<option value="">Select Role</option>
<option value="super_admin">Super admin</option>
<option value="admin">Admin</option>
<option value="manager">Manager</option>
</select>
</div>
<div class="form-group">
<p>Already have account ?<a href="login.php"> Login</a></p>
<input type="submit" name="submit" class="btn btn-primary">
</div>
</form>
</div>
</div>
</div>
</body>
</html>

4.  Create administrator Login HTML Form with PHP

login.php
<?php
session_start();
if (isset($_SESSION['ID'])) {
header("Location:dashboard.php");
exit();
}
// Include database connectivity

include_once('config.php');

if (isset($_POST['submit'])) {

$errorMsg = "";

$username = $con->real_escape_string($_POST['username']);
$password = $con->real_escape_string(md5($_POST['password']));

if (!empty($username) || !empty($password)) {
$query = "SELECT * FROM admins WHERE username = '$username'";
$result = $con->query($query);
if($result->num_rows > 0){
$row = $result->fetch_assoc();
$_SESSION['ID'] = $row['id'];
$_SESSION['ROLE'] = $row['role'];
$_SESSION['NAME'] = $row['name'];
header("Location:dashboard.php");
die();
}else{
$errorMsg = "No user found on this username";
}
}else{
$errorMsg = "Username and Password is required";
}
}

?>

<!DOCTYPE html>
<html lang="en">
<head>
<title>Multi user role based application login in php mysqli</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
<script type="text/javascript" src="https://code.jquery.com/jquery-3.5.1.min.js"></script>
</head>
<body>

<div class="card text-center" style="padding:20px;">
<h3>Multi user role based application login in php mysqli</h3>
</div><br>

<div class="container">
<div class="row">
<div class="col-md-3"></div>
<div class="col-md-6">
<?php if (isset($errorMsg)) { ?>
<div class="alert alert-danger alert-dismissible">
<button type="button" class="close" data-dismiss="alert">&times;</button>
<?php echo $errorMsg; ?>
</div>
<?php } ?>
<form action="" method="POST">
<div class="form-group">
<label for="username">Username:</label>
<input type="text" class="form-control" name="username" placeholder="Enter Username" >
</div>
<div class="form-group">
<label for="password">Password:</label>
<input type="password" class="form-control" name="password" placeholder="Enter Password">
</div>
<div class="form-group">
<p>Not registered yet ?<a href="index.php"> Register here</a></p>
<input type="submit" name="submit" class="btn btn-success" value="Login">
</div>
</form>
</div>
</div>
</div>
</body>
</html>

5. Create administrator Dashboard page after login success with Role 

Conditional checking for each modules functionality.
dashboard.php
<?php

session_start();
// Include database connection file
include_once('config.php');

if (!isset($_SESSION['ID'])) {
    header("Location:login.php");
    exit();
}

?>

<style type="text/css">
    .nav-link{
color: #f9f6f6;
font-size: 14px;
    }
</style>
<!doctype html>
<html lang="en">
    <head>
        <meta charset="utf-8">
        <meta name="viewport" content="width=device-width, initial-scale=1">
        <title>Multi user role based application login in php mysqli</title>
        <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
    </head>
       <body>
    <nav class="navbar navbar-info sticky-top bg-info flex-md-nowrap p-10">
<a class="navbar-brand col-sm-3 col-md-2 mr-0" href="" style="color: #5b5757;"><b>Webs Codex</b></a>
            <ul class="navbar-nav px-3">
<li class="nav-item text-nowrap">
         <a class="nav-link" href="logout.php">Hi, <?php echo ucwords($_SESSION['NAME']); ?> Log out</a>
</li>
    </ul>
</nav>
<div class="container-fluid">
    <div class="row">
<nav class="col-md-2 d-none d-md-block bg-info sidebar" style="height: 569px">
         <div class="sidebar-sticky">
        <ul class="nav flex-column" style="color: #5b5757;">
    <li class="nav-item">
<a class="nav-link active" href="">
<span data-feather="home"></span>
            Dashboard <span class="sr-only">(current)</span>
</a>
    </li>
<?php if($_SESSION['ROLE'] == 'super_admin'){ ?>
<h6>Sale & Purchase</h6>
    <li class="nav-item">
<a class="nav-link" href="">
         <span data-feather="users"></span>
    Payment
</a>
    </li>
    <li class="nav-item">
        <a class="nav-link" href="">
    <span data-feather="users"></span>
    Sales
</a>
    </li>
    <li class="nav-item">
<a class="nav-link" href="">
         <span data-feather="users"></span>
    Purchases
</a>
    </li>
<?php } ?>
<?php if ($_SESSION['ROLE'] == 'admin' || $_SESSION['ROLE'] == 'super_admin' || $_SESSION['ROLE'] == 'manager') { ?>
<h6>Catalog</h6>
    <li class="nav-item">
<a class="nav-link" href="">
    <span data-feather="users"></span>
    Products
</a>
    </li>
    <li class="nav-item">
<a class="nav-link" href="">
         <span data-feather="users"></span>
    Category
</a>
    </li>
    <h6>Order & Shipping</h6>
<li class="nav-item">
         <a class="nav-link" href="">
        <span data-feather="users"></span>
Shipping
    </a>
</li>

<li class="nav-item">
    <a class="nav-link" href="">
        <span data-feather="users"></span>
Customers
    </a>
</li>
<li class="nav-item">
    <a class="nav-link" href="">
<span data-feather="users"></span>
Order
    </a>
</li>
<?php } ?>
    </ul>
</div>
    </nav>
<main role="main" class="col-md-9 ml-sm-auto col-lg-10 pt-3 px-4">
<div class="d-flex justify-content-between flex-wrap flex-md-nowrap align-items-center pb-2 mb-3">
    <h1 class="h2">Dashboard</h1>
</div>
<div class="table-responsive">
  <table class="table table-striped">
    <thead>
       <tr>
   <th>Id</th>
   <th>Name</th>
   <th>Username</th>
   <th>Role</th>
   <th>Created</th>
</tr>
    </thead>
    <tbody>
<?php
         if ($_SESSION['ROLE'] == "super_admin") {
$query = "SELECT * FROM admins";
    }else{
$role = $_SESSION['ROLE'];
$query = "SELECT * FROM admins WHERE role = '$role'";
    }

        $result = $con->query($query);
if ($result->num_rows > 0) {
        while ($row = $result->fetch_array()) {
    ?>


    <tr>
<td><?php echo $row['id']?></td>
<td><?php echo $row['name']?></td>
<td><?php echo $row['username']?></td>
<td><?php echo $row['role']?></td>
        <td><?php echo date('d-M-Y', strtotime($row['created']))?></td>
    </tr>

        <?php }

}else{
    echo "<h2>No record found!</h2>";
} ?>

</tbody>
    </table>
</div>
    </main>
</div>
    </div>
<script src="https://unpkg.com/feather-icons/dist/feather.min.js"></script>
<script type="text/javascript" src="https://code.jquery.com/jquery-3.5.1.min.js"></script>
<script>
    feather.replace();
</script>
</body>
</html>

5. Create administrator Logout page in PHP

logout.php
<?php
session_start();
session_destroy();
session_unset($_SESSION['NAME']);
session_unset($_SESSION['ROLE']);
session_unset($_SESSION['ID']);
header("Location:login.php");
die();
?>


You can always support by sharing on social media or recommending my blog to your friends and colleagues.   
If you have any suggestions / problems about this tutorial, please comment on the  form below.😊


Leave a Reply

This Post Has 2 Comments