Page 1 of 1

User permissions

Posted: Wed Dec 10, 2003 3:32 pm
by ThinkGeekness
I have a site where users can login with a username and password based on sessions. How would I get it so that out of those users that are logged in, they need to have sufficient permission to view the next directory? I am thinking that in the MySQL database you would put a '1' if they have permission, and a '0' if they dont, but I don't know the php code. Any tuturials for something like this or any help?

Thanks

Posted: Wed Dec 10, 2003 3:45 pm
by DuFF
When the user logs in have a session variable created that is either a number or name rank ("1, 2, 3 or 4" or "Admin, Mod, Regular") that is taken from the database with the username. Then on the page you want protected, have it check if the user is allowed to access the page.

Code: Select all

<?php
if ($_SESSION['rank'] != "Admin") //if user is not Admin
  {
  die ("Permission Denied.  You are not allowed to access this page.");
  }
//or
if ($_SESSION['rank'] <= 2)  //if user is not level 3 or 4
  {
  die ("Permission Denied.  You are not allowed to access this page.");
  }
?>