
PHP login with access control


cory011202


Hello all,

 

I have come to this site and received amazing help and I am hoping that you can point me in the right direction in what I am trying to accomplish. I have a site that I want to have a login page that a user logs into. With a successful login they have access to certain areas of the site. I have scoured the internet looking for a tutorial that might explain how this would work. Hopefully someone on here can point me to a place that will point me in the right direction.

 

Work flow will be something like this

 

User logs in as admin: they will see an admin option for user management and what not as users need to be confirmed manually.

 

User logs in as a regular user: they see certain pages but possibly not all pages depending on what they're authorized to see.

 

That is it in a nutshell. Any help will be greatly appreciated.

 

 

 


Yes, the rank field seems to be the correct way, but if you don't have a strictly ordered rank (meaning there are pages/functions a user even with a high rank isn't allowed to use, but another user with a lower rank exceptionally is allowed) you will probably run into problems.

I solved that using a field for userrights storing a number which bitwise defines the individual rights. That way is applicable if you don't have more than 32 different right-options (with more than 32 options you may run into problems identifying / setting the correct bit depending on your environment).

 

Let's have a look at some details:

 

1.) I defined an Array containing each userright as key and the corresponding bit as the value:

 

/////UserRights\\\\\
$rights = array(
         "read_group1" => pow(2, 0),
         "read_group2" => pow(2, 1),
         "read_group3" => pow(2, 2),
         "edit_group1" => pow(2, 3),
         "edit_group2" => pow(2, 4),
         "edit_group3" => pow(2, 5),
         "admin_group1" => pow(2, 6),
         "admin_group2" => pow(2, 7),
         "admin_group3" => pow(2, 8),
         "usermanager" => pow(2, 9),
         "systemadmin" => pow(2, 10)
      );

For example, user 'Fred' is allowed to read, edit and admin groups 1 and 3 and he is allowed to read group 2; his userrights result in:

Bit:    10  9  8  7  6  5  4  3  2  1  0
Value:   0  0  1  0  1  1  0  1  1  1  1   = 367

The decimal value (367) is stored in the field 'rights' of my usertable.

 

2.) The usertable is read in PHP using the 'normal' database functions. All user data is stored in the named Array $user. So I retrieve the userrights with $user['rights'].

 

3.) Now it is possible to decide in PHP whether a user is allowed to use a function or not comparing his $user['rights'] to my $rights Array:

if ($user['rights'] & $rights['read_group1']) {
	//show messages in group 1
}

if ($user['rights'] & $rights['edit_group1']) {
	//edit messages in group 1
}

 

hope that helped

Burkhard
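
The bitmask check described in the post above, as an added example that is not part of the original post. The helper names `mask` and `hasRights` and the sample user row are assumptions made for illustration; the rights layout follows the `$rights` array in the post.

```php
<?php
declare(strict_types=1);

// Same bit layout as the $rights array in the post, written with shifts.
const RIGHTS = [
    'read_group1'  => 1 << 0,
    'read_group2'  => 1 << 1,
    'read_group3'  => 1 << 2,
    'edit_group1'  => 1 << 3,
    'edit_group2'  => 1 << 4,
    'edit_group3'  => 1 << 5,
    'admin_group1' => 1 << 6,
    'admin_group2' => 1 << 7,
    'admin_group3' => 1 << 8,
    'usermanager'  => 1 << 9,
    'systemadmin'  => 1 << 10,
];

// Combine right names into one mask (hypothetical helper).
// An unknown name is an error, never a silent 0 that would grant nothing or everything.
function mask(string ...$names): int
{
    $mask = 0;
    foreach ($names as $name) {
        if (!array_key_exists($name, RIGHTS)) {
            throw new InvalidArgumentException("unknown right: $name");
        }
        $mask |= RIGHTS[$name];
    }
    return $mask;
}

// True only if EVERY requested right is set (hypothetical helper).
// A bare ($userRights & $mask) is truthy as soon as any one bit overlaps.
function hasRights(int $userRights, string ...$names): bool
{
    $required = mask(...$names);
    return $required !== 0 && ($userRights & $required) === $required;
}

// Constructed row; database drivers often return an integer column as a string.
$user = ['name' => 'Fred', 'rights' => '367'];
$fred = (int) $user['rights'];   // cast once, right after reading the row

var_dump(hasRights($fred, 'read_group2'));
var_dump(hasRights($fred, 'edit_group1', 'edit_group2'));
var_dump($fred & mask('edit_group1', 'edit_group2'));
```

For Fred (367) the second call returns false because edit_group2 is not set, while the bare `&` on the last line yields 8, which an `if` would treat as allowed.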


Thanks smerny & givememore!! I have been researching this for a while now as a side project, trying to figure this out for a local home server. I want certain web pages to be shown depending on their permissions (rank). I have not implemented this fully but have played with it to ensure I fully understood what you were telling me.

 

thanks again!

 


One word of warning before I go any further: any system you build, which involves the transfer of data from a Web page over the Internet, will send that information in clear text by default (Web servers that require Secure Socket Layer (SSL) connections will safely encrypt the data during transit).

 
