Ask a question    Sign Up Sign In
  1. Home
  2. php - How to effectively delete a user as an admin

84 votes
0 answers

php - How to effectively delete a user as an admin

Get the solution ↓↓↓

Solution:

You cannot delete the user's session/cookie on their side... but what you can do is immediately remove their ability to do anything admin-ish.

If the user's credentials are re-checked on the server (based on their sessionID or whatever) prior to any admin-level action, then their admin status is effectively disabled - and you would then transfer them to a non-admin screen at the same time.

You might ask: What if they have the admin screen up and active when I nuke them? There is little you can do about a static screen (they can take a screenshot - you cannot prevent that). They can hit the back button and perhaps view a screen from cache. But

Some possible solutions are:

(a) Use ajax with a setInterval (or recursive setTimeout) function to re-check their admin credentials with the server every X seconds/minutes. Then, even if they are afk they can be logged out of the admin screen. (Of course, this method can be halted by a savvy user by monkeying in DevTools.)

(b) Before any admin action is executed, their creds are re-checked. If they are no longer an admin, the action is refused AND they are returned to a non-admin screen. This method cannot be interfered with by a savvy user.

Won't this introduce a noticeable delay to everything?

No. Re-checking the creds is as simple as live-checking their user-privilege status in your database.

When you de-adminize them, you will change their priv level, so this will be picked up immediately whenever the user tries to do something from that admin screen. Unless you have several thousand users, don't worry about the overhead of doing this. Even with several thousand users, it is still probably a decent way of handling the matter. You are communicating with the server at this point anyway, and within each admin-action function, just insert a quick check to "verify admin status" - so it is just back-end code on the server communicating with its own database. Super quick.

Share solution ↓

Additional Information:
Link To Source
People are also looking for solutions of the problem: foreign key constraint is incorrectly formed laravel

Didn't find the answer?

Our community is visited by hundreds of web development professionals every day. Ask your question and get a quick answer for free.

Similar questions

Find the answer in similar questions on our website.

255 javascript - How to display the original size of an image that was uploaded by a user?
717 php - How can we access a one class object in another class?
613 php - I want to remove controller as well as function name from url
792 php - What are the risks in disable MySQL old passwords?
699 php - How to encrypt Stripe keys in Wordpress database?
151 php - How to convert UTC timezone to user-defined Timezone
166 How to get maximum key/values pair array from a associative array in PHP?
8 phpoffice - How do I extract the text content from a word document with PHP?
467 Changing a PHP value dynamically with Javascript
557 php - Prestashop 1.7 don't see my template file in module

Write quick answer

Do you know the answer to this question? Write a quick response to it. With your help, we will make our community stronger.





About the technologies asked in this question

PHP

PHP (from the English Hypertext Preprocessor - hypertext preprocessor) is a scripting programming language for developing web applications. Supported by most hosting providers, it is one of the most popular tools for creating dynamic websites. The PHP scripting language has gained wide popularity due to its processing speed, simplicity, cross-platform, functionality and distribution of source codes under its own license.
https://www.php.net/

Welcome to programmierfrage.com

programmierfrage.com is a question and answer site for professional web developers, programming enthusiasts and website builders. Site created and operated by the community. Together with you, we create a free library of detailed answers to any question on programming, web development, website creation and website administration.

Get answers to specific questions

Ask about the real problem you are facing. Describe in detail what you are doing and what you want to achieve.

Help Others Solve Their Issues

Our goal is to create a strong community in which everyone will support each other. If you find a question and know the answer to it, help others with your knowledge.