Restrict Access to users based on the value of a variable in the database

[bambo123]

Hey guys,

I am quite new to PHP and MySQL and I have a question concerning access  restriction. For a website project I am experimenting with Dreamweaver's  login and restrict access behavior, which works fine. However, on the  website I would like to restrict access for users that only have a 1 set  in the corresponding MySQL database (which means that e.g. each page has a different variable in the database that can be set to 1, which would allow me to personify access beyond the level of the out-of-the box option, where each user can only have one access level). So it is quite similiar to the  out-of-the-box restrict access to page based on user group, but just  depending on another variable in the database.

 

So, what I am basically looking for is sth like this:  Firstly, I will integrate the restrict access feature of Dreamweaver. However, for my project I need a possibility to restrict access to each page individually. I though this can maybe be done by giving each page a unique variable that is preset to 0 and if a user gets access to this page, I can change it to 1.

 

I guess it can be done with an if condition that checks in the database if the logged in user has a 1 in this variable, and if yes give her/him access if not redirect to another page. However, I could not figure out  how to implement that.

 

Your help is highly appreciated!

 

Thanks in advance!

[DaiLaughing]

If you want access by individual user you could just create a new table and list the pages and access rights for each user or even hard code it into the PHP at the top of each page. 

 

Alternatively you could use groups and record the group who has access to each page either in the PHP or in a table.  I used this approach as all you have to do is find the groups the user is in and compare them to the groups who have access.

 

Either way you then have another issue - who can see what links to these other pages?  If a user does not have access to some pages then do you really want to give them the frustration of clicking on a link and then being told they are not allowed in?

[bambo123]

Dear DaiLaughing

Thanks a lot for your answer. Your idea inspired me and based on the fact that I know very little PHP and MySQL, I think it might be the best solution to work as often as possible with the out-of-the-box options of Dreamweaver. I think I could solve my problem if I give each page its own access level, and then only give users access to this page if they own the right access level. So my question is now if and if yes how I can give a single user multiple access levels and then store this data in MySQL, that Dreamweaver understands it.

 

Thanks a lot for your help!!

[GarethB]

Could you not set different user 'levels' allowing you restrict access to certain areas of your website depending on the level.

 

For example:

 

if ($usrlvl > 1){

Restricted content

}
else
{
echo ("You do not have access to this area of the website!");
}

 

Is that what your trying to achieve?