Database Normalization
Currently, we store our users' statuses
in the same table as the users themselves.
However, this is incorrect - we end up with
a non-normalized table, since the words 'user'
and 'admin' are repeated many times.
It is necessary to perform normalization - let's move
our statuses to a separate table statuses:
| id | name |
|---|---|
| 1 | user |
| 2 | admin |
And in the users table, we will create a column
status_id. Now during registration,
we will write the status's id
from the statuses table into the status_id column:
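<?php
	// Bound parameters keep $login and $password out of the SQL text;
	// status_id 1 is the 'user' row in statuses.
	$stmt = mysqli_prepare($link, "INSERT INTO users
		SET login=?, password=?, status_id=1");
	mysqli_stmt_bind_param($stmt, 'ss', $login, $password);
	mysqli_stmt_execute($stmt);
?>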
The most significant changes will occur during authorization:
to get the user's status,
we will need to perform a LEFT JOIN:
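<?php
	$login = $_POST['login'];

	// Get the user by login and join the status.
	// The login is bound as a parameter, not concatenated into the SQL:
	$stmt = mysqli_prepare($link, "SELECT users.*, statuses.name as status FROM users
		LEFT JOIN statuses
		ON users.status_id=statuses.id WHERE login=?");
	mysqli_stmt_bind_param($stmt, 's', $login);
	mysqli_stmt_execute($stmt);
	$res = mysqli_stmt_get_result($stmt);
	$user = mysqli_fetch_assoc($res);

	if (!empty($user)) {
		$hash = $user['password'];

		if (password_verify($_POST['password'], $hash)) {
			$_SESSION['auth'] = true;
			// status name; NULL if status_id matches no row in statuses
			$_SESSION['status'] = $user['status'];
		} else {
			// wrong password
		}
	} else {
		// no user with this login
	}
?>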
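The schema change behind the steps above, as an added MySQL example that is not the tutorial's own code. It assumes the old text column is named `users.status`, that `users` has an `id` primary key, and it uses a made-up constraint name `fk_users_status`. The foreign key in step 5 is what keeps the LEFT JOIN from ever returning a NULL status for a user.

```sql
-- Added example (MySQL / InnoDB). Assumed names: users.status (old text
-- column), users.id (primary key), fk_users_status (constraint name).

-- 1. Lookup table; UNIQUE stores each status name exactly once.
CREATE TABLE statuses (
    id   INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,
    name VARCHAR(32)  NOT NULL UNIQUE
) ENGINE=InnoDB;

INSERT INTO statuses (id, name) VALUES (1, 'user'), (2, 'admin');

-- 2. New column; every existing row starts as 1 ('user'),
--    the least-privileged status.
ALTER TABLE users
    ADD COLUMN status_id INT UNSIGNED NOT NULL DEFAULT 1;

-- 3. Backfill status_id from the old text column.
UPDATE users
JOIN statuses ON statuses.name = users.status
SET users.status_id = statuses.id;

-- 4. Check before dropping anything: rows whose old value matched no
--    status name stayed at the default and need manual review.
SELECT users.id, users.login, users.status
FROM users
LEFT JOIN statuses ON statuses.name = users.status
WHERE statuses.id IS NULL;

-- 5. Foreign key: status_id can only hold an id that exists in statuses,
--    and a status still assigned to a user cannot be deleted.
ALTER TABLE users
    ADD CONSTRAINT fk_users_status
    FOREIGN KEY (status_id) REFERENCES statuses (id)
    ON UPDATE CASCADE ON DELETE RESTRICT;

-- 6. Drop the old denormalized column once step 4 returns no rows.
ALTER TABLE users DROP COLUMN status;
```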
Redesign your authorization and registration according to the theory described above.
Make changes to the admin panel's functionality (displaying user statuses, changing statuses, and so on).