
Embedded Security In Html Pages


bigjoe11a


In a page I have, I have 2 links. Each link relates to add or just view. Link 1 is where a user adds an entry, and link 2 is where you can view the entry. Look at the code below:

```html
<a href="{SITE_ROOT}blog/addentry.php?bid={BID}" style="margin-left:100px;text-decoration:none">Add Entry</a>
<a href="{SITE_ROOT}blog/viewentry.php?bid={BID}" style="margin-left:100px;text-decoration:none">View Entries</a>
```

The 1st link: I don't just want anyone adding a new entry to this person's blog. I only want the user who made the blog to be allowed to add to his/her blog.

So how can I hide the 1st link from everyone other than the user who created the blog?


Does the template engine have some form of conditional like "IF"? Aside from hiding the link, you also have to make sure that if an article is being submitted, it's by somebody who has authority to do so. Just hiding the link doesn't ensure security.


Below you will find the class that I use for the template. And that is a very good idea, making sure the user who is submitting the new entry is the owner of the blog. I'll have to add that option in. I still need to hide the link for it.

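```php
class Page {
    var $page;
    var $_rootref;

    // __construct replaces the PHP 4 style Page() constructor, which PHP 8 no longer calls
    function __construct($template) {
        if (file_exists($template)) {
            $this->page = join('', file($template));
        } else {
            die('Template file ' . $template . ' not found.');
        }
    }

    // Run a PHP file and return its output as a string
    function parse($file) {
        ob_start();
        include($file);
        $buffer = ob_get_contents();
        ob_end_clean();
        return $buffer;
    }

    // Replace each {TAG} in the template with its data
    function replace_tags($tags = array()) {
        if (sizeof($tags) > 0) {
            foreach ($tags as $tag => $data) {
                // A value that names an existing file is include()d as PHP,
                // so tag values must never come from user input
                $data = (file_exists($data)) ? $this->parse($data) : $data;
                // eregi_replace() was removed in PHP 7; str_ireplace() does the
                // same case-insensitive literal replacement
                $this->page = str_ireplace('{' . $tag . '}', $data, $this->page);
            }
        } else {
            die('No tags designated for replacement.');
        }
    }

    function output() {
        echo $this->page;
    }
}
```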


Archived

This topic is now archived and is closed to further replies.
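
The two parts discussed in this thread (hide the Add Entry link from non-owners, and also refuse the submission on the server) shown together as an added example that is not part of the original posts. The `$blogs` array, the function names, the `{ADD_LINK}` tag and the user ids are assumptions; a real site would read the blog owner from its database and the user id from the session.

```php
<?php
// Added example. $blogs, the function names and the {ADD_LINK} tag are assumptions.
// Constructed sample data standing in for the blogs table: blog id => owner's user id.
$blogs = [7 => 42, 8 => 99];

// One rule, used by both the page that shows the link and the script that accepts the post.
function user_owns_blog(array $blogs, ?int $userId, $bid): bool {
    $bid = filter_var($bid, FILTER_VALIDATE_INT);   // rejects "7 OR 1=1", "", arrays
    return $userId !== null && $bid !== false
        && isset($blogs[$bid]) && $blogs[$bid] === $userId;
}

// View side: value for a hypothetical {ADD_LINK} tag; empty string for non-owners.
function add_link_html(array $blogs, ?int $userId, $bid, string $siteRoot): string {
    if (!user_owns_blog($blogs, $userId, $bid)) {
        return '';
    }
    $href = $siteRoot . 'blog/addentry.php?bid=' . (int) $bid;
    return '<a href="' . htmlspecialchars($href, ENT_QUOTES) . '">Add Entry</a>';
}

// Handler side: the decision addentry.php makes before it stores anything.
// Returns the HTTP status the script should send.
function authorize_add_entry(array $blogs, ?int $userId, $bid): int {
    if ($userId === null) {
        return 401;                       // not logged in
    }
    return user_owns_blog($blogs, $userId, $bid) ? 200 : 403;
}

// Constructed requests: [label, logged-in user id (from the session in a real site), bid parameter]
$requests = [
    ['owner of blog 7',       42,   '7'],
    ['other user, typed URL', 99,   '7'],
    ['guest, typed URL',      null, '7'],
    ['owner, malformed bid',  42,   '7 OR 1=1'],
];
foreach ($requests as [$label, $userId, $bid]) {
    printf("%-24s link=%-3s status=%d\n", $label,
        add_link_html($blogs, $userId, $bid, '/') === '' ? 'no' : 'yes',
        authorize_add_entry($blogs, $userId, $bid));
}
```

With the Page class above, the template would carry `{ADD_LINK}` in place of the hard-coded Add Entry anchor, and the value would be passed as `'ADD_LINK' => add_link_html(...)` in the `replace_tags()` array.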
