Best way to do an user permission system

[Dânêl]

Hi,

first of all, I hope you can understand me...I know my big english limits. Sorry for those 

I am at my first serious big project and i nedd to implement an user permission system. Because of my quite inexistent experience I would know your opinion about the best way to do that.

In this project I use smarty as template engine and I need to set some recstriction for editing post, delete images and so on, including obviously setting moderators and admins.

I hope this short descriptions is sufficient...sorry if not.

 

Well, what is your opinion about?

[budimir]

Well, the simpliest is that you input 1- User 2-Admin and the following

 

if ($permission == 2) { echo display link} else { nothing}

[obsidian]

One of the best ways I have found for this type of permission system is to have a separate class object for each type of user that extends a base class. For instance, your basic user would have a standard user object which fleshes out all of the functions a standard user is able to do. Then, I would extend that class with a moderator object and overload any functions in which the moderator needs additional access and/or permissions. I then do the same thing for the administrator users. This way, each user class knows exactly what it needs to do, and if you instantiate the appropriate user type, the template never has to be checking credentials. The only time you really have to worry about loading different values with this method is at the time the user logs in: you have to load them with the appropriate level of user.

 

I hope this helps some.

[Dânêl]

Thanks for replies.

Well:

 

Well, the simpliest is that you input 1- User 2-Admin and the following

 

if ($permission == 2) { echo display link} else { nothing}

This is the actual system type I thought to use . But it is a bit limited and less elegant, in my opinion. But it is the only way I find

 

One of the best ways I have found for this type of permission system is to have a separate class object for each type of user that extends a base class. For instance, your basic user would have a standard user object which fleshes out all of the functions a standard user is able to do. Then, I would extend that class with a moderator object and overload any functions in which the moderator needs additional access and/or permissions. I then do the same thing for the administrator users. This way, each user class knows exactly what it needs to do, and if you instantiate the appropriate user type, the template never has to be checking credentials. The only time you really have to worry about loading different values with this method is at the time the user logs in: you have to load them with the appropriate level of user.

 

I hope this helps some.

This is a good solution but in my context and for what I need it is a bit too complicated. Thanks anyway, it colud be useful in future.

 

Searching in this forum I read about using bit for permission. It could be an elegant e good solution, but if i need to show or not a button or link based on user permission the only way to do that is to use a similar code like that posted budimir ?

 

[garry]

^ Yes, just a simple if statement is the best way to do it.

[waynewex]

Upon login you could register a session like:

 

$_SESSION['permissions'] = "admin";

 

Which of course is taken from a column in the user db.