SitePoint Sponsor

User Tag List

Results 1 to 3 of 3
  1. #1
    SitePoint Member
    Join Date
    Nov 2004
    Location
    florida
    Posts
    7
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Access Control Problem

    I am having a problem with Chapter 12's Access Control section in the book titled Build Your Own Database Driven Website.

    I have all these files in the same directory:

    access.inc.php
    config.inc.php
    login.inc.php
    access.inc.php

    Now when I go the my index page I have this code at the top of the page.

    <?php require 'secure.inc.php'; ?>

    It pull the login script and prompts me to login, but when I login and hit enter it just blinks and goes back to blank textfields. It doesnt give me access to the file I am trying to gain access to.

    Does anyone know why this is happening?

    thanks

  2. #2
    SitePoint Member
    Join Date
    Nov 2004
    Location
    florida
    Posts
    7
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    help please...

  3. #3
    SitePoint Evangelist
    Join Date
    Aug 2004
    Posts
    428
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Try reading this:
    The PHP Anthology Volume 2, Chapter 1 - Access Control
    http://www.sitepoint.com/article/ant...access-control

    Look around in the forum after you implement the above. Look for my post on that topic. When I had problem.

    Here is my final version of how i'm implementing it here:
    http://aggieculture.tamu.edu/linuxTutorApp/

    Code:
          $db = & new MySQL(DB_SERVER, DB_USER, DB_PASS, DB_NAME);
          $auth=& new Auth ($db,LOGIN_URL); 
           if( $auth->isValid() || isset($_GET['logout'])) {/*returns 0 if user is verified*/
             $auth->logout();
       	     exit();
           }
          $auth->db->closeDb();
    
    //The above is 90% sitepoints implementation just rewriten to suit my needs
    //http://aggieculture.tamu.edu/linuxTutorApp/Documentation/DB_DESIGN_PIC.jpg
    //Look at Permissions bottom right.... the bottom is my added security to 
    		
    	  $site_permissions=$auth->session->get('PERMISSIONS');
              for($i = 0; $i < sizeof($site_permissions); $i++) {
                  if($i==0){$appended_permissions=$site_permissions[$i];}
                  else{$appended_permissions.=", ".$site_permissions[$i];}
               }
    	  if (!eregi("".PER_ADMIN_RANDOM, $appended_permissions)){
             $auth->logout();
    	     exit();
            }

    I'm not done with the site and will not go live till next semester...so i'm the only one seeing it now... try registering as a user and see.... users link so you can see what i'm storing in the sessions.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •