Open insertproducts.php in your editor.  At the moment anyone who visits this page will see  the same thing.  To prevent that you need to add a new if/else statement which will go around all the existing page content more or less like you just did to viewlog.php

First you need to make sure the few lines at the top of this page include the ones at the top of viewlog.php (include functions.php and do a log in check putting the result into a variable called $type).  You should also have the call to the logging function form the PHP section practise.  If you want to save some time you could copy those few lines onto all the other pages on the site as well as you will need them soon.

At the moment the page is structured like this:

Opening PHP block which runs two functions

Opening HTML block which sets up the head element, the navigation bar and the main heading

The existing if/else which shows the form or processes it

The footer and closing tags

The new if/else needs to go around the existing one like this:

Opening PHP block which runs two functions

Opening HTML block which sets up the head element, the navigation bar and the main heading

>>>if condition here

The existing if/else which shows the form or processes it

>>>else here

The footer and closing tags

The if condition will be (paste it in just before the existing one):

if($type=="staff" || $type="admin"){

That allows any staff or admin to insert products.

After the existing if/else is ended you need to close the curly bracket and put the else:

} else {

}

Visit logout.php in your browser to be sure you are logged out.  Then visit insertproducts.php and the page should be blank apart from the heading.  Visit login.php, log in as pandora and try again and you should be able to add a product as before.

The final step is to put a simple message inside the else which tells the user they need to log in to use this page.  Do that.

Once you are sure this page is working properly copy exactly the same code to the same places in editproduct.php and then test that as well.  Remember the lines from the top of the page if you have not already copied those across.

Now do deleteproduct.php.  The new if goes around the three or four lines which do the deleting.  The else goes after them.  The rest is the same.