SitePoint Sponsor

User Tag List

Results 1 to 3 of 3
  1. Nov 16, 2004, 22:20 #1
    neiro
    neiro is offline
    SitePoint Member
    Join Date
    Nov 2004
    Location
    florida
    Posts
    7
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Access Control Problem

    I am having a problem with Chapter 12's Access Control section in the book titled Build Your Own Database Driven Website.

    I have all these files in the same directory:

    access.inc.php
    config.inc.php
    login.inc.php
    access.inc.php

    Now when I go the my index page I have this code at the top of the page.

    <?php require 'secure.inc.php'; ?>

    It pull the login script and prompts me to login, but when I login and hit enter it just blinks and goes back to blank textfields. It doesnt give me access to the file I am trying to gain access to.

    Does anyone know why this is happening?

    thanks
  2. Nov 20, 2004, 02:03 #2
    neiro
    neiro is offline
    SitePoint Member
    Join Date
    Nov 2004
    Location
    florida
    Posts
    7
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    help please...
  3. Nov 20, 2004, 11:58 #3
    leblanc
    leblanc is offline
    SitePoint Evangelist
    Join Date
    Aug 2004
    Posts
    428
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Try reading this:
    The PHP Anthology Volume 2, Chapter 1 - Access Control
    http://www.sitepoint.com/article/ant...access-control

    Look around in the forum after you implement the above. Look for my post on that topic. When I had problem.

    Here is my final version of how i'm implementing it here:
    http://aggieculture.tamu.edu/linuxTutorApp/

    Code:
          $db = & new MySQL(DB_SERVER, DB_USER, DB_PASS, DB_NAME);
      $auth=& new Auth ($db,LOGIN_URL); 
       if( $auth->isValid() || isset($_GET['logout'])) {/*returns 0 if user is verified*/
         $auth->logout();
   	     exit();
       }
      $auth->db->closeDb();

//The above is 90% sitepoints implementation just rewriten to suit my needs
//http://aggieculture.tamu.edu/linuxTutorApp/Documentation/DB_DESIGN_PIC.jpg
//Look at Permissions bottom right.... the bottom is my added security to 
		
	  $site_permissions=$auth->session->get('PERMISSIONS');
          for($i = 0; $i < sizeof($site_permissions); $i++) {
              if($i==0){$appended_permissions=$site_permissions[$i];}
              else{$appended_permissions.=", ".$site_permissions[$i];}
           }
	  if (!eregi("".PER_ADMIN_RANDOM, $appended_permissions)){
         $auth->logout();
	     exit();
        }

    I'm not done with the site and will not go live till next semester...so i'm the only one seeing it now... try registering as a user and see.... users link so you can see what i'm storing in the sessions.
    www.robusthaven.com

« Previous Thread | Next Thread »

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules