>> I am wanting more than basic multi-level security, where
>> certain areas require different numeric levels and anyone
>> with a high enough sec level can see all pages on that level;
>> say a person with a "20" level can see or edit
>> all sites with 20 or lower security assigned to them.
I may have joined this subject too late, however I've already implimented
the thing you're after in my own CMS (Soon to be used in an online
environment, watchout for a [SCR] comming soon...)
In the database table that holds the users, add an extra field called rights
or authRights or similar, and store in this the permissions level that you
wish the user to have.
When the user logs in, assign the rights to a session variable, then, when
u're building your menus for options on a page, use a simple if statement.
the PHP looks similar to this:
<?
session_start();
$sql="SELECT authName, authRights, FROM authors WHERE authUserName =
'$username' AND authPasswd = PASSWORD('$passwd')";
$result = mysql_query('$sql');
$array = mysql_fetch_array($result);
?>
<!-- insert generic content here -->
<a href="edit.php?type=story">Edit my own storys</a><br />
<a href="edit.php?type=pro">Edit my profile</a><br />
<!-- Add content based on rights -->
<?
if ($array[1] <= "5")
{
echo "<a href="edit.php?type=story">Edit all storys</a><br />";
}
if ($array[1] <= "10")
{
echo "<a href="edit.php?type=pro">Edit all profiles</a><br />";
}
// any other options here...
?>
on the edit page, a series of "if" and "select case" functions display
either further menus or the data to be edited.
hope this helps,
Matt
____ • The WDVL Discussion List from WDVL.COM • ____
To Join wdvltalk, Send An Email To: mailto:[EMAIL PROTECTED]
Send Your Posts To: [EMAIL PROTECTED]
To change subscription settings to the wdvltalk digest version:
http://wdvl.internet.com/WDVL/Forum/#sub
________________ http://www.wdvl.com _______________________
You are currently subscribed to wdvltalk as: archive@jab.org
To unsubscribe send a blank email to [EMAIL PROTECTED]
