Jump to content

Setting Different Access Privileges

Acute Chaos

By Acute Chaos
in PHP Coding Help

 Share

Recommended Posts

Acute Chaos Newbie

Acute Chaos

Posted
Posted

I'm building a members' site.  I am a major noob so I am using various tutorials to get me through this but my lack of php know how has me stopped. 

 

I have two groups of users on this site.  They both use the majority of the site but there are pages that only one group can access and other pages that only the other group can access.

 

I have a session set to ensure they are logged in to access the site.  Works fine.

 

In my database I have a place that marks the status of the user and I thought if I set another session var specific to each group using that information I could check that before allowing access to their specific pages.  Makes sense?

 

Here is what I have:

 

session_start();

 

if(!isset($_SESSION['SESS_MEMBER_ID']) || (trim($_SESSION['SESS_MEMBER_ID']) == '')) {

header("location: access-denied.php");

exit();

 

How do I code:

 

if "SESS_MEMBER_ID" and "SESS_STATUS - set to 'coach'" are both not set - access denied

 

or   

 

if "SESS_MEMBER_ID" and "SESS_STATUS - set to 'player'" are both not set - access denied

 

 

If this isn't the best way to go about it please say so as well!!

 

Thanks so much in advance for your help.  I really appreciate it!  :)

Link to comment
https://forums.phpfreaks.com/topic/240376-setting-different-access-privileges/
Share on other sites
wildteen88 Regular Member

wildteen88

Posted
Posted
How do I code:

 

if "SESS_MEMBER_ID" and "SESS_STATUS - set to 'coach'" are both not set - access denied

 

or     

 

if "SESS_MEMBER_ID" and "SESS_STATUS - set to 'player'" are both not set - access denied

 

Like so

// define the people to allow access
$people_to_allow = array('coach','player');

if ( !(isset($_SESSION['SESS_MEMBER_ID']) && is_numeric($_SESSION['SESS_MEMBER_ID'])) ||        // check that SESS_MEMBER_ID is set and contains a number
     !(isset($_SESSION['SESS_STATUS']) && in_array($_SESSION['SESS_STATUS'], $people_to_allow)) // check that SESS_STATUS is set and that is in the $people_to_allow array
    )
{
    header("location: access-denied.php");
    exit();
}

Acute Chaos Newbie

Acute Chaos

Posted
  • Author
Posted

Thanks for the reply.

 

Forgive my ignorance... but that's why I'm here I guess.

 

With this how can I be specific for access in that on one page I only allow the 'coach' access and other pages only allow 'player' access?

 

The member id lets everyone in and this would appear to let everyone in as well.  No?

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.