How can the PHP code be modified to prevent unauthorized access to different shop user accounts?

To prevent unauthorized access to different shop user accounts, you can implement a role-based access control system in your PHP code. This involves assigning roles to users (e.g., admin, customer) and checking the user's role before allowing access to specific functionalities or data.

// Example of role-based access control in PHP
session_start();

// Check if user is authenticated
if (!isset($_SESSION[&#039;user_id&#039;])) {
    // Redirect to login page
    header(&quot;Location: login.php&quot;);
    exit;
}

// Check user role before accessing sensitive information
if ($_SESSION[&#039;role&#039;] !== &#039;admin&#039;) {
    // Redirect to unauthorized page
    header(&quot;Location: unauthorized.php&quot;);
    exit;
}

// Admin-only functionality
echo &quot;Welcome, Admin!&quot;;

Keywords

authentication authorization session management password hashing access control

How can the PHP code be modified to prevent unauthorized access to different shop user accounts?

Keywords

Related Questions