Jump to content
xisto Community
jlhaslip

User Permission Function [php] Determining User Permissions

Recommended Posts

There have been several recent request for methods to restrict access to various pages on a web-site based on User Permissions in sites that have a Login System in place. Here is some code showing one method to restrict access by providing a sub-set of your site's links based on the User's permissions.

In this demonstration, I have defined a string for each 'level of user' determining which set(s) of links they can view on your site.
Normal MySql procedure would be to read the User's permission level from a record in the database.
For the purpose of this demonstration, an array is constructed. The output reflects the various combinations of their permissions.
The strings are a series of concatenated Boolean values for the permissions allowed by a group. 0 = false (no links) 1 = true (links).
As you can see, the Guests get 'some' links, Members get 'some more' links, Mods get 'still more', and the Admins get 'all' links.

Array values can be read from the User Profile or from $_SESSION values, or from a 'group' table depending on their group membership.
Each member is assigned to a Group and their permissions are given according to the Group they belong to.
Whether the permissions string is stored with the member Profile ( not suggested ) or in a separate Table in the database ( suggested ) does not really affect the function of this procedure, as long as the permissions function is fed the correct of string.

Replace these simple echo commands with the code which will generate the links for your site.
And normally, you would not use the else statements, so those could be removed from the code, too.
Adjust the details and particular to suit your own needs.
Additional Permissions could be set for allowing certain Groups the right to add, edit, delete stuff, or Ban Users, etc. I'll leave that to you, since it would be very site specific.

Happy Coding. :P

'Users' =>  "1100",
'Mods' => "1110" ,
'Admins' => "1111" ,
);


/*
*Function to assign Permissions based on Group membership
*/

function permission( $p )
{
// Split the levels string into an array
$perm = str_split( $p );

// Permissions array
$up = array(
'can_view_links_1' => 1,
'can_view_links_2' => 2,
'can_view_links_3' => 3,
'can_view_links_4' => 4,
);
$combine = array_combine( array_keys( $up ), $perm );

return $combine;
}

/*
* Procedure Test Printing
*/

foreach ( $levels as $i => $value) {

/* print Group name here */
echo '<h3>' . $i . '</h3>' ;

/* call function to assign permissions */
$p = permission( $levels[$i] );

/* check Guest permissions */
if( $p['can_view_links_1'] == 1 ){
echo 'can view Guest links  ' . $p['can_view_links_1'] . '<br />';
} else {
echo 'no links here  ' . $p['can_view_links_1'] . '<br />';
}

/* check Member permissions */
if( $p['can_view_links_2'] == 1 ){
echo 'can view Member links  ' . $p['can_view_links_2'] . '<br />';
} else {
echo 'no links here  ' . $p['can_view_links_2'] . '<br />';
}
/* check Moderator permissions */
if( $p['can_view_links_3'] == 1 ){
echo 'can view Moderator links  ' . $p['can_view_links_3'] . '<br />';
} else {
echo 'no links here  ' . $p['can_view_links_3'] . '<br />';
}

/* check Administrator permissions */
if( $p['can_view_links_4'] == 1 ){
echo 'can view Admin links  ' . $p['can_view_links_4'] . '<br />';
} else {
echo 'no links here  ' . $p['can_view_links_4'] . '<br />';
}
}

?> linenums:0'>$levels = array( 'Guests' => "1000" ,'Users' => "1100",'Mods' => "1110" ,'Admins' => "1111" ,);/* *Function to assign Permissions based on Group membership */ function permission( $p ){ // Split the levels string into an array $perm = str_split( $p ); // Permissions array $up = array( 'can_view_links_1' => 1, 'can_view_links_2' => 2, 'can_view_links_3' => 3, 'can_view_links_4' => 4, ); $combine = array_combine( array_keys( $up ), $perm ); return $combine;}/* * Procedure Test Printing */foreach ( $levels as $i => $value) { /* print Group name here */ echo '<h3>' . $i . '</h3>' ; /* call function to assign permissions */ $p = permission( $levels[$i] ); /* check Guest permissions */ if( $p['can_view_links_1'] == 1 ){ echo 'can view Guest links  ' . $p['can_view_links_1'] . '<br />'; } else { echo 'no links here  ' . $p['can_view_links_1'] . '<br />'; } /* check Member permissions */ if( $p['can_view_links_2'] == 1 ){ echo 'can view Member links  ' . $p['can_view_links_2'] . '<br />'; } else { echo 'no links here  ' . $p['can_view_links_2'] . '<br />'; } /* check Moderator permissions */ if( $p['can_view_links_3'] == 1 ){ echo 'can view Moderator links  ' . $p['can_view_links_3'] . '<br />'; } else { echo 'no links here  ' . $p['can_view_links_3'] . '<br />'; } /* check Administrator permissions */ if( $p['can_view_links_4'] == 1 ){ echo 'can view Admin links  ' . $p['can_view_links_4'] . '<br />'; } else { echo 'no links here  ' . $p['can_view_links_4'] . '<br />'; }}?>
Here is a demo using the above script.
http://forums.xisto.com/no_longer_exists/

Any questions, post them up here.

Share this post


Link to post
Share on other sites

A couple of friends and I just did a programming competition using PHP and we just used a cookie with 3 values, for the different kinds of users.We didn't make it so that it didn't show the links, though. We just made each page show a thing saying that they don't have permission to use that page. I think what you're doing makes sense, too, though. I think you should also have each page deny access for if they just type in the right url, though.Nice tutorial.

Share this post


Link to post
Share on other sites

Thanks.The site checks Sessions and Permissions both to deny access. I'll post the full version later as I complete the package.Might take a few days/weeks since it is a hobby, not a job.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.