SitePoint Sponsor

User Tag List

Results 1 to 10 of 10
  1. #1
    SitePoint Addict
    Join Date
    Apr 2006
    Location
    London, United Kingdom
    Posts
    288
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Talking First PHP Script - Need structuring help

    I'm currently doing a course in PHP development. I've decided to construct a Client Login Script for my web design company. I was wondering if anyone could suggest a suitable but simple structure I could use for the script? Here is a brief description what I'm planning to construct.

    General Features:
    Powered by MySQL Database
    Two user account types; admin and client
    Accounts secured by username and password

    Features for admin panel:
    - Ability to create and edit accounts
    - Add and edit content for each client
    - Add info about each client

    Features for client panel:
    - View/download PDF invoices
    - View download contract
    - View and comment on screenshot and HTML previews on their design
    - View/Edit/Add to their brief
    - Edit their contact information
    - Submit a testimonial
    - Download Project files

    Can anyone point me in the right direction in terms of finding a suitable structure/strategy for this kind of script?
    eFlair Design | Premium Design Services and Web Consultation

  2. #2
    SitePoint Guru
    Join Date
    Aug 2009
    Posts
    669
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Only thing I can think of here is the account types. When you get bigger you may want others (EG staff) to have access but not have damaging abilities (EG deleting everything). So from that, I'd recommend user groups and not just two types of user.

    When it comes to permissions, simply have a table with all the columns given a name of each permission. Make it Int (1) and then you can treat it like a boolean.

    With each new usergroup you just insert a row and set the column for each permission to 1 for enabled and 0 for disabled. Then it's easy to check if each user, employee, supervisor, manager etc has permission to each action.

  3. #3
    SitePoint Addict
    Join Date
    Apr 2006
    Location
    London, United Kingdom
    Posts
    288
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by tangoforce View Post
    Only thing I can think of here is the account types. When you get bigger you may want others (EG staff) to have access but not have damaging abilities (EG deleting everything). So from that, I'd recommend user groups and not just two types of user.

    When it comes to permissions, simply have a table with all the columns given a name of each permission. Make it Int (1) and then you can treat it like a boolean.

    With each new usergroup you just insert a row and set the column for each permission to 1 for enabled and 0 for disabled. Then it's easy to check if each user, employee, supervisor, manager etc has permission to each action.
    Thanks, really helpful

    Does anyone have any comments on how to structure the PHP coding?
    eFlair Design | Premium Design Services and Web Consultation

  4. #4
    SitePoint Guru bronze trophy TomB's Avatar
    Join Date
    Oct 2005
    Location
    Milton Keynes, UK
    Posts
    988
    Mentioned
    9 Post(s)
    Tagged
    2 Thread(s)
    I wouldn't use a column for each permission, you'll end up with a scalability nightmare.

    Either create a table with:


    userId | permissionId | permissionValue



    or (my personal preference) use bitmasks

  5. #5
    SitePoint Addict
    Join Date
    Apr 2006
    Location
    London, United Kingdom
    Posts
    288
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by TomB View Post
    I wouldn't use a column for each permission, you'll end up with a scalability nightmare.

    Either create a table with:


    userId | permissionId | permissionValue



    or (my personal preference) use bitmasks
    Thanks for your reply. Can you explain how to actually make it work in terms of the sql query? My admin panel will have a form which will allow me to make more user accounts. Within the form I have a dropdown menu with three options "Admin", "Client", or "Staff".

    If I were to use two tables, one separately for the permissions, how would I code the sql query to assign the chosen permission with the user ID? And how do I aquire the user ID (since the ID is my primary key and set to auto increment)
    eFlair Design | Premium Design Services and Web Consultation

  6. #6
    SitePoint Guru rageh's Avatar
    Join Date
    Apr 2006
    Location
    London, Formerly Somalia
    Posts
    612
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    How about a very simple user permission table with only two fields, userID and permission level. For example, you set 3 for admin, 2 for stuff and 1 for client. When you add a new user, you surely have the last_insert_id(). So that will populate the userID column and the permission level for that user on the other column. There is no need for this table to be auto increment.

    Code MySQL:
    CREATE TABLE `user_permissions` (
     `userID` int(11) NOT NULL,
     `permission_level` int(11) NOT NULL
    ) ENGINE=InnoDB DEFAULT CHARSET=latin1;
    ------------------

  7. #7
    SitePoint Addict
    Join Date
    Apr 2006
    Location
    London, United Kingdom
    Posts
    288
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by rageh View Post
    How about a very simple user permission table with only two fields, userID and permission level. For example, you set 3 for admin, 2 for stuff and 1 for client. When you add a new user, you surely have the last_insert_id(). So that will populate the userID column and the permission level for that user on the other column. There is no need for this table to be auto increment.

    Code MySQL:
    CREATE TABLE `user_permissions` (
     `userID` int(11) NOT NULL,
     `permission_level` int(11) NOT NULL
    ) ENGINE=InnoDB DEFAULT CHARSET=latin1;
    That just clears it up perfectly, thanks a lot
    eFlair Design | Premium Design Services and Web Consultation

  8. #8
    SitePoint Addict
    Join Date
    Apr 2006
    Location
    London, United Kingdom
    Posts
    288
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Nevermind, fixed.
    eFlair Design | Premium Design Services and Web Consultation

  9. #9
    SitePoint Addict
    Join Date
    Apr 2006
    Location
    London, United Kingdom
    Posts
    288
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi guys, I'm having another problem with my PHP MySQL Queries!

    PHP Code:
        $sql "SELECT * FROM `users` WHERE email = '$email' AND password = '$encrypt_pass' ";
        
    $result mysqli_query($dbcon,$sql);
        if(!
    $result) { die('Query Error' mysql_error()) ; }
        
    $num_rows mysql_num_rows($result);
        if (
    $num_rows 1) {
            
    $_SESSION['login'] = '';
            die(
    mysql_error());
        } 
    This always gives me the following error:

    Warning: mysql_num_rows() expects parameter 1 to be resource, object given in C:\wamp\www\login.php on line 44
    Line 44 is the following line:

    PHP Code:
        $num_rows mysql_num_rows($result); 
    Help!
    eFlair Design | Premium Design Services and Web Consultation

  10. #10
    SitePoint Enthusiast
    Join Date
    Nov 2006
    Location
    Sydney, Australia
    Posts
    31
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Be careful with your code.

    The functions and returned resources of MySQL and MySQLi are different. You should be "mysqli_num_rows" instead.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •