Thank you. What I am trying to avoid is doing a parsing of the string
everytime a user comes in. My thought is to use a user table, a group
table and then a permissions table that will allow the user to be a member
of more than one group.
Thank you,
-Scott
On Wed, 27 Feb 2002, Julio Nobrega Trabalhando wrote:
I've done it :-)
But be careful. There are dozens of way to implement this. My way is
simple, but makes use of too many sql queries I believe. Could have stored
everything in one line and grab it at user's login, but anyway My
current way seems more logical to follow and update.
I have created these 'groups of power', where you can add/remove users.
Since an user can be part of more than one group, I store in a session array
these groups ids.
In a page where it's necessary to verify if the user (actually, the groups
he's attached to) can perform certain actions, there's a little check like
this:
$var = '';
foreach ($_SESSION['user']['group_ids'] as $value) {
$var .= OR group_id = '$value' ;
}
And a Mysql query:
// 'groups' is a table with a collumn for every section of the site.
$sql = SELECT section_power FROM groups WHERE id = 0 . $var . AND active
= 1;
$res = mysql_query($sql);
while (list($section_power) = mysql_fetch_array($res)) {
// using parse_str() since the data is stored om Mysql as:
// r=1w=1d=0m=0
parse_str($section_power);
// More on discover_power() below
discover_powers($r,$w,$d,$m);
}
function discover_powers($r, $w, $d, $m) {
// If there's no current power defined:
if (!isset($_SESSION['user']['powers']['section']['w'])) {
// User's power the same as the var;
$_SESSION['user']['powers']['section']['w'] = $w;
} else {
// Else, in the while loop above, he's assigned to one group with
power = 0
// and another one with power = 1, let the user get 1
if ($w $_SESSION['user']['powers']['section']['w']) {
$_SESSION['user']['powers']['section']['w'] = $w;
}
}
Well, pretty much is like this. I am close to redesign the whole thing
because of the many SQL queries, the while loop calling two functions for
every group the user is attached, and because it's plain a 'not-elegant'
solution.
Feel free to steal any ideas :-D
--
Julio Nobrega.
Um dia eu chego lá:
http://sourceforge.net/projects/toca
--
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php