SitePoint Sponsor

User Tag List

Results 1 to 9 of 9
  1. #1
    SitePoint Member
    Join Date
    Apr 2010
    Location
    Denver, Colorado
    Posts
    4
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Restrict access to current members

    I'm looking for guidance how to use PHP and MySQL to manage member access to a site. That is, based on an individual's membership expiration date to the organization, they would be prevented from accessing the members-only pages. Any help would be greatly appreciated.

  2. #2
    Unobtrusively zen silver trophybronze trophy
    paul_wilkins's Avatar
    Join Date
    Jan 2007
    Location
    Christchurch, New Zealand
    Posts
    14,526
    Mentioned
    83 Post(s)
    Tagged
    3 Thread(s)
    Your page will want to do the following:

    • if member is not stored in a session variable
      • set a session redirect variable with the current page location
      • redirect to a login page
    • show the page


    The login page would:
    • set a session variable so that other pages can determine that the person is a valid member
    • and then return to the redirected page
    Programming Group Advisor
    Reference: JavaScript, Quirksmode Validate: HTML Validation, JSLint
    Car is to Carpet as Java is to JavaScript

  3. #3
    SitePoint Wizard frank1's Avatar
    Join Date
    Oct 2005
    Posts
    1,392
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I make a ACL matrix (With CRUD allow/deny indicators)
    and matching position of person with allowed priviledge for that position from database

  4. #4
    SitePoint Member
    Join Date
    Apr 2010
    Location
    Denver, Colorado
    Posts
    4
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks very much for responding. I'm afraid I'm very new at this technology and needing a walk-through on the procedure. Any possibility you could point me to an example?

  5. #5
    SitePoint Wizard frank1's Avatar
    Join Date
    Oct 2005
    Posts
    1,392
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by conmolbry View Post
    Thanks very much for responding. I'm afraid I'm very new at this technology and needing a walk-through on the procedure. Any possibility you could point me to an example?
    well the best example of acl is this forum itself vbulletin usues it
    so does phpbb

    and i guess it wont be ideal to refer it to u now,cakephp has very good acl model

    and other have look at these
    http://www.phpeveryday.com/articles/...LIST-P823.html
    http://net.tutsplus.com/tutorials/ph...-login-system/

  6. #6
    SitePoint Member
    Join Date
    Apr 2010
    Location
    Denver, Colorado
    Posts
    4
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Sorry I was trying to respond to the gentleman from Christchurch. I really can't understand what you're saying.

  7. #7
    SitePoint Zealot
    Join Date
    Jan 2006
    Location
    Gold Coast, Australia
    Posts
    123
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    As frank1 said, have a look at this tutorial http://net.tutsplus.com/tutorials/ph...-login-system/

    People here can tell you how to build it in theory, but as you said you are new to the technology, so why not just use that tutorial to help you.

  8. #8
    Unobtrusively zen silver trophybronze trophy
    paul_wilkins's Avatar
    Join Date
    Jan 2007
    Location
    Christchurch, New Zealand
    Posts
    14,526
    Mentioned
    83 Post(s)
    Tagged
    3 Thread(s)
    Quote Originally Posted by conmolbry View Post
    Sorry I was trying to respond to the gentleman from Christchurch. I really can't understand what you're saying.
    The tutorial at http://net.tutsplus.com/tutorials/ph...-login-system/ gives you all of the code to properly setup and manage user and admin permissions. It uses a similar technique as what I described earlier to check if a person has the right permission or not.

    For example:

    Code php:
    <?php  
    include("assets/php/database.php");  
    include("assets/php/class.acl.php");  
    $myACL = new ACL();  
    if ($myACL->hasPermission('access_admin') != true)  
    {  
        header("location: insufficientPermission.php");  
    }  
    ?>

    As they say though, the devil is in the details, but fortunately for you someone else has already worked out the details and provided them for you as a tutorial, so that you end up with a production-ready solution.
    Programming Group Advisor
    Reference: JavaScript, Quirksmode Validate: HTML Validation, JSLint
    Car is to Carpet as Java is to JavaScript

  9. #9
    SitePoint Member
    Join Date
    Apr 2010
    Location
    Denver, Colorado
    Posts
    4
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Right, I'll give it a try. Thanks to you all for the great help.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •