I've done it :-) But be careful. There are dozens of way to implement this. My way is simple, but makes use of too many sql queries I believe. Could have stored everything in one line and grab it at user's login, but anyway.... My current way seems more logical to follow and update.
I have created these 'groups of power', where you can add/remove users. Since an user can be part of more than one group, I store in a session array these groups ids. In a page where it's necessary to verify if the user (actually, the groups he's attached to) can perform certain actions, there's a little check like this: $var = ''; foreach ($_SESSION['user']['group_ids'] as $value) { $var .= "OR group_id = '$value' "; } And a Mysql query: // 'groups' is a table with a collumn for every section of the site. $sql = "SELECT section_power FROM groups WHERE id = 0 " . $var . "AND active = 1"; $res = mysql_query($sql); while (list($section_power) = mysql_fetch_array($res)) { // using parse_str() since the data is stored om Mysql as: // r=1&w=1&d=0&m=0 parse_str($section_power); // More on discover_power() below discover_powers($r,$w,$d,$m); } function discover_powers($r, $w, $d, $m) { // If there's no current power defined: if (!isset($_SESSION['user']['powers']['section']['w'])) { // User's power the same as the var; $_SESSION['user']['powers']['section']['w'] = $w; } else { // Else, in the while loop above, he's assigned to one group with power = 0 // and another one with power = 1, let the user get 1 if ($w > $_SESSION['user']['powers']['section']['w']) { $_SESSION['user']['powers']['section']['w'] = $w; } } Well, pretty much is like this. I am close to redesign the whole thing because of the many SQL queries, the while loop calling two functions for every group the user is attached, and because it's plain a 'not-elegant' solution. Feel free to steal any ideas :-D -- Julio Nobrega. Um dia eu chego lá: http://sourceforge.net/projects/toca -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php