if you pull the user data into a session, then its a simple if them check

if ($_SESSION['user']['user_access']>1)  //1 = basic user
 echo '<a href="edit_task.php" class="navlink">Edit Task</a><br />';
 echo '<a href="add_task.php" class="navlink">Add Task</a><br />';



From: "Jeff Broomall" <[EMAIL PROTECTED]>
To: <php-db@lists.php.net>
Subject: [PHP-DB] Retricting Access to Menu Items
Date: Mon, 6 Mar 2006 07:27:03 -0500

Good morning everyone.

I'm building a very simple content management site that tracks "tasks."

The options available are:
 1. Add Task
 2. Edit Task
 3. View Task
 4. Print Task

I need to restrict some users to only View and Print and I'm trying to find a way to tell the page not to load the menu options (the text) for those not having access to the Add and Edit functions.

IOW, they would only see View and Print.

I have three basic users:
 1. System Admin
 2. Subject Matter Expert (SME)
 3. Viewers

Obviously the System Admin and SME will have full access so it's the Viewers that are to have access to only View and Print.

I have a users table but haven't set it up for the distinction. What I was thinking was creating a field labeled users_group and assign a numeric value for each user using the numbering system above.

I have my page load the menu options:

<a href="home.php" class="navlink">Home</a><br />
<a href="view_tasks.php" class="navlink">View Tasks</a><br />
<a href="edit_task.php" class="navlink">Edit Task</a><br />
<a href="add_task.php" class="navlink">Add Task</a><br />

into here...


<table width="90%" border="1" cellspacing="10" cellpadding="0" align="center">

 <tr><td colspan="2"><h1 id="mainhead">ICAO Tasks — WAFS</h1></td></tr>

<td align= "center" valign="top" nowrap="nowrap" width="10%">
 Menu<br />
<?php include ('./includes/menu.html'); ?> <--The menu above inserted here.

<td valign="top" class="content">

How can I tell the system not to load the last two lines unless they are a System Admin or SME?

I read a chapter on Cookies/Sessions...but it wasn't that helpful for this case.

Can I setcookie('user_group', '3') and use that somehow???

Am I in the ballpark with this solution?



PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to