edit included php with javascript

Question

Let's say I have two php files.

index.php

<?php
include ('navigation.php');
?>

and navigation.php

<div class="nav">
<li>
<a id="nav1" href="">Navigation1</a>
</li>
<li>
<a id="nav2" href="">Navigation2</a>
</li>
</div>

Navigation2 should be for admins only, so it should be hidden. In this example with javascript.

index.php

<body onload="admin();"
<?php
include ('navigation.php')
?>
</body>

<script>
function admin(){
document.getElementById('nav2').style.display = "none";
</script>

Why isn't this working and how do I make it work?

Answer 1

You should put nav2 inside php if brackets as the client could easily change the css/js. Only displaying the nav2 if user is admin means non-admin users cannot access the information at all.

<div class="nav">
   <li>
    <a id="nav1" href="">Navigation1</a> 
   </li>
  <?php if($admin){ ?>
   <li>
    <a id="nav2" href="">Navigation2</a>
   </li>
  <?php } ?>
</div>

Answer 2

why are you trying to use admin login verification in javascript you can easily do it in php. for example every admin that logs into your system definitely user a user name and password so you can just set your code to store let's say admin name and name it $_SESSION['admin']in sessions and include a session in every admin page that says `if(!$_SESSION['admin_name'] ) {

header("Location: admin_login.php");//redirect to login page to secure the welcome page without login access.

} ` by this way if admin is not logged in and tries to access this page he will redirected to log in page.