Page 1 of 1

File Manager - help solve design issue

Posted: Tue Dec 06, 2005 7:24 am
by merlin89
I am using a great login script with admin found at http://www.evolt.org so now that I have the users id and can prevent them from accessing certain directories I am guessing I would need to add a little more to the admin of this script such that admin can allow give each user rights on a directory basis such that e.g. they can view,upload,download files etc. Hwta would be the best way of going about this Im thinking adding a config file that contains a large array with all these user details and the admin can change permissions Im a bit unsure here about which direction I should. All forum membvers have been so kind in the past so youre helpand suggestions are thankfully recieved.

Posted: Tue Dec 06, 2005 7:40 am
by Chris Corbyn
The theory of my design off the top of my head.....

Use database: Store all the users in there. I'm guessing you already have that.

Deny users access to *all* directories by default. Then store paths that the users have access to inside your DB. You'll need to add code to your file manager to determine which directories the currently logged in user had access to. It should work nicely I'd think :)

I can vaguely picture the table structures in the database and a little bit of how the code would come together so if nobody has posted something later on (sorry I'm at work right now) I'll put some pseudo design up :)

thanks

Posted: Tue Dec 06, 2005 9:44 am
by merlin89
using the login script I mentioned prior calls upon user names from a db. To view all the files in a current directory calls upon an index.php within that directory to stop each user viewing the contents that particular directory I tested out by adding to the top of the index.php that that username wasnt valid and was redirected back to a higher level directory...so far

Re: thanks

Posted: Tue Dec 06, 2005 11:01 am
by Chris Corbyn
merlin89 wrote:using the login script I mentioned prior calls upon user names from a db. To view all the files in a current directory calls upon an index.php within that directory to stop each user viewing the contents that particular directory I tested out by adding to the top of the index.php that that username wasnt valid and was redirected back to a higher level directory...so far
You want to work along those lines but certainly do not want to be hardcoding any usernames (expect perhaps a root/superuser) in to the code... it'll be a nightmare to maintain :)

test only

Posted: Tue Dec 06, 2005 11:10 am
by merlin89
Yeah agreed That was used as a test to see if the login script worked thats why I thought now I need to go down the user rights in a config file or DB so that when a user logs in his rihts can be checked against that but porbably another issue i need to think about how to code something into the index files that refers the user to be checked against that file/db...mmmm