>> I am wanting more than basic multi-level security, where >> certain areas require different numeric levels and anyone >> with a high enough sec level can see all pages on that level; >> say a person with a "20" level can see or edit >> all sites with 20 or lower security assigned to them.
I may have joined this subject too late, however I've already implimented the thing you're after in my own CMS (Soon to be used in an online environment, watchout for a [SCR] comming soon...) In the database table that holds the users, add an extra field called rights or authRights or similar, and store in this the permissions level that you wish the user to have. When the user logs in, assign the rights to a session variable, then, when u're building your menus for options on a page, use a simple if statement. the PHP looks similar to this: <? session_start(); $sql="SELECT authName, authRights, FROM authors WHERE authUserName = '$username' AND authPasswd = PASSWORD('$passwd')"; $result = mysql_query('$sql'); $array = mysql_fetch_array($result); ?> <!-- insert generic content here --> <a href="edit.php?type=story">Edit my own storys</a><br /> <a href="edit.php?type=pro">Edit my profile</a><br /> <!-- Add content based on rights --> <? if ($array[1] <= "5") { echo "<a href="edit.php?type=story">Edit all storys</a><br />"; } if ($array[1] <= "10") { echo "<a href="edit.php?type=pro">Edit all profiles</a><br />"; } // any other options here... ?> on the edit page, a series of "if" and "select case" functions display either further menus or the data to be edited. hope this helps, Matt ____ • The WDVL Discussion List from WDVL.COM • ____ To Join wdvltalk, Send An Email To: mailto:[EMAIL PROTECTED] Send Your Posts To: [EMAIL PROTECTED] To change subscription settings to the wdvltalk digest version: http://wdvl.internet.com/WDVL/Forum/#sub ________________ http://www.wdvl.com _______________________ You are currently subscribed to wdvltalk as: archive@jab.org To unsubscribe send a blank email to [EMAIL PROTECTED]