What is the best way to set up an authentication script for users with different permissions in a MySQL DB. Let's say that there's zone_a, zone_b, and zone_c. There's super_user, user_1, user_2, and user_3. There should be no restrictions for super_user, and that user should be able to set permissions for the other users. i.e. user_1 has permissions to view the alteration page for zone_a and zone_c, where the rest of the users only have permissions to view the alteration page for their relative page.(user_2=zone_b, user_3=zone_c) I've seen the scripts for user authentication where the query checks for mysql_num_rows==1 and I need a new way to think about this.
Many thanks for your time,
Joe
Authentication
Moderator: General Moderators
Re: Authentication
Instead of having to add a field when you add new user types, and new permissions, you could have a table of users, a table of permissions and a 3rd relational table that contains mappings of users to permissions. Id suggest writing a simple permissions checking object your user object can call, or looking at many of the open source solutions for this common design problem