restrict user access on certain pages

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
ma5ect
Forum Commoner
Posts: 35
Joined: Wed Jun 25, 2008 8:38 am

restrict user access on certain pages

Post by ma5ect »

Hi PPL,

On my website i have setup user log in. once they log in i want to restrict certain users from certain pages.. and on some pages i want the user to enter their username and password again..but i am stuck on how to restrict them.. any user guides on how to tackle this issue..i am using dreamweaver cs3

many thanx
User avatar
Jasheppard
Forum Newbie
Posts: 24
Joined: Tue Jun 17, 2008 11:44 pm

Re: restrict user access on certain pages

Post by Jasheppard »

set a cookie or session var or whatever:

Code: Select all

 setcookie("auth",convert('true','encrypt'),time()+3600); // the convert() function is my encrypter :)
after they log in and on the page you want to restrict...

Code: Select all

if (convert($_cookie['auth'],'encrypt')!="true") die("ACCESS DENIED");
Rovas
Forum Contributor
Posts: 272
Joined: Mon Aug 21, 2006 7:09 am
Location: Romania

Re: restrict user access on certain pages

Post by Rovas »

ma5ect wrote:Hi PPL,
... and on some pages i want the user to enter their username and password again...
Why? Your users will get annoyed and leave. If you want to still do it make it so that you verify his passwords think the way Yahoo, Google do this.
User avatar
highjo
Forum Contributor
Posts: 118
Joined: Tue Oct 24, 2006 1:07 pm

Re: restrict user access on certain pages

Post by highjo »

you can actually have tables in the database to store user privileges (if it's not already there) by organizing them in a user groups.It's done usually with numbers.if you have a table that store credentials like username and password, you can create a new table called for example group_id where you have g_id and role fields.then you append to your credentials table the field g_id.you'll do the referencing stuff.Now you can store the g_id in a session when user log in.then in your logic according to the number of group that you have you can limit the access to certain pages by their g_id.and bring them a login page.You can add the session time out system if needed.Hope this help. :)
Post Reply