SitePoint Sponsor |
|
User Tag List
Results 1 to 3 of 3
Thread: Access Control Problem
-
Nov 16, 2004, 23:20 #1
- Join Date
- Nov 2004
- Location
- florida
- Posts
- 7
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Access Control Problem
I am having a problem with Chapter 12's Access Control section in the book titled Build Your Own Database Driven Website.
I have all these files in the same directory:
access.inc.php
config.inc.php
login.inc.php
access.inc.php
Now when I go the my index page I have this code at the top of the page.
<?php require 'secure.inc.php'; ?>
It pull the login script and prompts me to login, but when I login and hit enter it just blinks and goes back to blank textfields. It doesnt give me access to the file I am trying to gain access to.
Does anyone know why this is happening?
thanks
-
Nov 20, 2004, 03:03 #2
- Join Date
- Nov 2004
- Location
- florida
- Posts
- 7
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
help please...
-
Nov 20, 2004, 12:58 #3
- Join Date
- Aug 2004
- Posts
- 428
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Try reading this:
The PHP Anthology Volume 2, Chapter 1 - Access Control
http://www.sitepoint.com/article/ant...access-control
Look around in the forum after you implement the above. Look for my post on that topic. When I had problem.
Here is my final version of how i'm implementing it here:
http://aggieculture.tamu.edu/linuxTutorApp/
Code:$db = & new MySQL(DB_SERVER, DB_USER, DB_PASS, DB_NAME); $auth=& new Auth ($db,LOGIN_URL); if( $auth->isValid() || isset($_GET['logout'])) {/*returns 0 if user is verified*/ $auth->logout(); exit(); } $auth->db->closeDb(); //The above is 90% sitepoints implementation just rewriten to suit my needs //http://aggieculture.tamu.edu/linuxTutorApp/Documentation/DB_DESIGN_PIC.jpg //Look at Permissions bottom right.... the bottom is my added security to $site_permissions=$auth->session->get('PERMISSIONS'); for($i = 0; $i < sizeof($site_permissions); $i++) { if($i==0){$appended_permissions=$site_permissions[$i];} else{$appended_permissions.=", ".$site_permissions[$i];} } if (!eregi("".PER_ADMIN_RANDOM, $appended_permissions)){ $auth->logout(); exit(); }
I'm not done with the site and will not go live till next semester...so i'm the only one seeing it now... try registering as a user and see.... users link so you can see what i'm storing in the sessions.
Bookmarks