0
votes

I am building a website where, as the author, I want to be able to log in online and post new articles. I want other users to log in as well so they can comment on my posts. However, I don't want to have a "Site Admin" link on my website and I don't want to access it either through a URL, say "www.example.com/admin". I don't want the public users to see a link or to access the admin URL.

So I am thinking of adding the admin id as one of the users in my USERS table. I will have a IS_ADMIN column set to TRUE for that admin id. All other users will have FALSE. In that case, whenever I login as admin id, my page will check if IS_ADMIN is TRUE, then only I will have that "Site Admin" link. If other users login, they won't see the "Site Admin" link since their IS_ADMIN is FALSE.

Once I log in as admin, I'll still have www.example.com/admin.php in my URL. But other people may just type www.example.com/admin.php.

Is this the secure way of doing it? I really can't decide how to handle this. Please advise.

2
First, query whether this is the same as the admin id; if so, open this page, otherwise/elseif open the other page. stackoverflow.com/questions/11668814/… - ANSHUL GERA
Sorry, but your answer is not even related to my question. - iPhoneJavaDev
What do you mean by: "Once I login as admin, i'll still have www.example.com/admin.php in my url. But other people may just type www.example.com/admin.php." - kojow7

2 Answers

2
votes

How I would do it is as follows:

  1. Add a user_type column (which can include "admin", "editor", and "standard" types) or simply use an admin_flag column with the value of 1 for admins and 0 for non-admins.

  2. After logging in, store any necessary user credentials in $_SESSION variables such as $_SESSION['auth'] = 1 (a successful login) and $_SESSION['admin'] = 1 (an admin user). This assumes you are using the admin_flag column method. You could change this to user_type and a related value if you prefer that method.

  3. At the top of any admin page (such as admin.php), check to see if $_SESSION['admin'] does not exist or if it is not set to 1. If so, redirect the user back to the main page (and/or display an error message telling them that they cannot access this page). Your code should look something like this:

    <?php
    session_start(); // the session must be started before $_SESSION can be read
    // deny access unless the login code flagged this session as an admin
    if (empty($_SESSION['admin']) || $_SESSION['admin'] != 1){
        header("Location: index.php");
        exit(); // stop here; otherwise the rest of the page is still sent to the browser
    }
    

Important: Make sure to have an exit() statement after a header redirect otherwise this opens up a potential security issue of the rest of your script being sent to the user's browser.

You can do something similar with the $_SESSION['auth'] variable to prevent unauthenticated users from doing specific things on your site (or also make it an additional requirement of your if statement above).
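The three steps above put together as one PHP unit, as an added example that is not part of the answer: it assumes a `users` table with `id`, `username`, `password_hash` (created with PHP's `password_hash()`) and `admin_flag` columns and an open PDO connection in `$pdo`, and it adds `session_regenerate_id()` at login, which the answer does not mention.

```php
<?php
// Added example, not from the answer. Assumptions: a `users` table with
// columns id, username, password_hash, admin_flag, and a PDO handle in $pdo.

session_start(); // must run on every page before $_SESSION is touched

// Call once at login time. Returns true on success and fills the session.
function login(PDO $pdo, string $username, string $password): bool {
    $stmt = $pdo->prepare(
        'SELECT id, password_hash, admin_flag FROM users WHERE username = ?'
    );
    $stmt->execute([$username]);
    $user = $stmt->fetch(PDO::FETCH_ASSOC);
    // password_verify() checks the submitted password against a password_hash() value.
    if ($user === false || !password_verify($password, $user['password_hash'])) {
        return false;
    }
    // A fresh session id on privilege change prevents session fixation.
    session_regenerate_id(true);
    $_SESSION['auth'] = 1;
    $_SESSION['user_id'] = (int) $user['id'];
    // The admin flag is taken from the database row, never from the request.
    $_SESSION['admin'] = ((int) $user['admin_flag'] === 1) ? 1 : 0;
    return true;
}

// Put at the top of every admin-only page (admin.php and anything it includes).
function require_admin(string $redirect = 'index.php'): void {
    if (empty($_SESSION['auth']) || empty($_SESSION['admin']) || $_SESSION['admin'] !== 1) {
        header('Location: ' . $redirect);
        exit(); // never let the rest of the page render after the redirect
    }
}

// Used by the page template to decide whether to show the "Site Admin" link.
// Hiding the link is cosmetic; require_admin() is the actual access control.
function is_admin(): bool {
    return !empty($_SESSION['admin']) && $_SESSION['admin'] === 1;
}

// Usage on admin.php:
//     require_admin();
// Usage in the navigation template:
//     if (is_admin()) { echo '<a href="admin.php">Site Admin</a>'; }
```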

1
votes

Just hiding the LINK to the admin page is not secure - you are correct that a non-admin user could just navigate to the page using the full path.

You should also check the admin-ness of the user while rendering admin.php and redirect if they are not you.

However, to be honest, there are so many open-source CMSes out there with great features and battle-tested security, that I'd be inclined to think you should use one of those.

Rolling security from scratch can be instructive, but putting it online live is asking to get your server compromised.