Jump to content

[SOLVED] User Access pages by user level from My SQL database


Recommended Posts

I am woundering if anyone can help me.  I am trying to secure a page to only admins, no all registered users.  I have a login script in place, and all other pages.  I am using PHP 5, Apache 2.2.3, MySQL 5.  Here is the table

 

CREATE TABLE `rel_users` (

  `userid` int(15) NOT NULL auto_increment COMMENT 'Unique id for user',

  `username` varchar(50) NOT NULL COMMENT 'Unique Username for user',

  `password` varchar(50) NOT NULL COMMENT 'Password for user',

  `firstname` varchar(50) NOT NULL COMMENT 'User First Name',

  `lastname` varchar(50) NOT NULL COMMENT 'User Last Name',

  `address` varchar(150) NOT NULL COMMENT 'User Address',

  `city` varchar(50) NOT NULL COMMENT 'User City',

  `state` varchar(2) NOT NULL COMMENT 'User State Abbreviation',

  `zip` varchar(10) NOT NULL COMMENT 'User Zip Code',

  `phone` varchar(10) NOT NULL COMMENT 'User Phone Number',

  `date` date NOT NULL COMMENT 'Date User was added',

  `userlevel` int(10) NOT NULL default '1' COMMENT 'User Level Access',

  PRIMARY KEY  (`userid`)

) ENGINE=InnoDB AUTO_INCREMENT=7 DEFAULT CHARSET=latin1;

 

I want a user at userlevel 10 to access all pages, and user at userlevel below 10 to not have access to this page.

 

If anyone is willing to help, that would be appreciated.  Not sure how to do this in anyway, tried many things, but to no avail.

 

Thanks in advance

I have an administrator page to see users logged in, block users, change passwords, that sort of thing, and want only administrators with level 10 access to access the page, all other users get an error message.  They have their own information page to update info, and dont need to access everyone else's info.  I am wounder if there is a way to put something into a session, or cookie such as 10, or admin, and have the page look for that when someone looks at the page, and if that isnt there, to give them an error, or redirect them to another page.  As in my database, I have a user level field that admins are level 10, and users are level 1.  I did this so I can set different user levels later if needed. 

That is what I want to do is check to see if the user is level 10 or higher on this page, if level 10, continue, if less level, give error message, but not sure as to how to do this.  I am woundering if there is a session, or cookie that i need to add with the value of 10 or something, and how to check for that.

Got this figured out, had to add

 

// open connection

$connection = mysql_connect($server, $user, $pass) or die ("Unable to connect!");

 

// select database

mysql_select_db($db) or die ("Unable to select database!");

 

$sql_pass_get = "SELECT * FROM rel_users WHERE username = '$_REQUEST[username]'";

$user_info = mysql_fetch_array(mysql_query($sql_pass_get));

 

$_SESSION['userlevel'] = $user_info['userlevel'];

 

if ($_SESSION['userlevel'] == 10) {

    echo "<font color=RED>You are an administrator and have access to this page.</font><br />";

}else {

echo die ("<font color=RED>You do not have access to this page, Return to the <a href=home.php>Home</a> Page.</font>");

}

 

To the top of the page.

I am new to PHP, and am learning as I go, so that is why I am doing it this way, if you could give me an example of it different, and with shorter code, that would be great.  Thanks for the advice as well, I will look into that.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.