Page 1 of 1

permission to access links to page

Posted: Mon Feb 01, 2010 2:30 am
by rrn
in my website i have done a log in page . all users can log in using there email and password
after logging in ,
code is below

Code: Select all

<?php
 
session_start();
$message = "Invalid Email or Password";
 
$result=mysql_query("SELECT * FROM ".TABLE_USERS." where email='".mysql_real_escape_string
 
($_POST['email'])."' AND password = '".mysql_real_escape_string($_POST['password'])."' LIMIT 1 ");
 
 
 
 
 $rowsReturnedByMatch = mysql_num_rows($result);
  if ($rowsReturnedByMatch != 1)
   {
   echo $message;
  }
  else
   {
   header('location: after_login.php');
   exit();
  }
$email=$_POST['email'];
$password=$_POST['password'];
?>
 
above code is working fine.
in the after_login.php page
there are 3 links to 3 other php pages ...
like this

Code: Select all

<a href ="link1.php">link1</a>
<a href ="link2.php">link2</a>
<a href ="link3.php">link3</a>
 
all users should not have permission to follow all link , suppose user1 can only access link1 , if he clicks link

2 / link 3 ...it will show an alert message "no permission" .
user2 2 has permission to acces link 2 and link 3 , not link 1 ...if he clicks link 1 , it will show message

in database there is a USERS table with fields email , password , link1 , link2 , link3

email
------
user1@test.com
user2@test.com

password
------------------

*****
******
link1
----
1
0

link2
-----
0
1

link3
-----
0
1

what i was planning to do is. when user1 clicks the link1 , it should check whether the corresponding value

for link1 / link2 / link3 for tat email is set to 1 or not and act accordingly..
hope you understood the fact ??
can anyone suggest a way to implement this... any help will be appreciated ... it will be very helpful to me..
thank you..

Re: permission to access links to page

Posted: Thu Feb 04, 2010 5:49 am
by jaiswarvipin
Keep as it is. I will show you diffrent way to achive this task
1) Store the all permission in the session variable and once you login and before after_login.php page loded check whcih lick permission is has like

Code: Select all

 
<?php if($_SESSION['link1']=="1") {?><a id="link1" href="">Link1</a><?php }>
<?php if($_SESSION['link2']=="1") {?><a id="link2" href="">Link2</a><?php }>
<?php if($_SESSION['link'3]=="1") {?><a id="link3" href="">Link3</a><?php }>
 
3) Achive same thing using "JavaScript". but using

Code: Select all

 
document.getElementById("link1").style.dipslay = "none";
 
4) Or create session who stored you menu code in the that as string and create that string in login.ph page only.