Try reading this:
The PHP Anthology Volume 2, Chapter 1 - Access Control
http://www.sitepoint.com/article/ant...access-control
Look around in the forum after you implement the above. Look for my post on that topic. When I had problem.
Here is my final version of how i'm implementing it here:
http://aggieculture.tamu.edu/linuxTutorApp/
Code:
$db = & new MySQL(DB_SERVER, DB_USER, DB_PASS, DB_NAME);
$auth=& new Auth ($db,LOGIN_URL);
if( $auth->isValid() || isset($_GET['logout'])) {/*returns 0 if user is verified*/
$auth->logout();
exit();
}
$auth->db->closeDb();
//The above is 90% sitepoints implementation just rewriten to suit my needs
//http://aggieculture.tamu.edu/linuxTutorApp/Documentation/DB_DESIGN_PIC.jpg
//Look at Permissions bottom right.... the bottom is my added security to
$site_permissions=$auth->session->get('PERMISSIONS');
for($i = 0; $i < sizeof($site_permissions); $i++) {
if($i==0){$appended_permissions=$site_permissions[$i];}
else{$appended_permissions.=", ".$site_permissions[$i];}
}
if (!eregi("".PER_ADMIN_RANDOM, $appended_permissions)){
$auth->logout();
exit();
}
I'm not done with the site and will not go live till next semester...so i'm the only one seeing it now... try registering as a user and see.... users link so you can see what i'm storing in the sessions.
Bookmarks