Thank you. What I am trying to avoid is doing a parsing of the string
everytime a user comes in. My thought is to use a user table, a group
table and then a permissions table that will allow the user to be a member
of more than one group.
Thank you,
-Scott
On Wed, 27 Feb 2002, Julio Nobrega Trabalhando wrote:
> I've done it :-)
>
> But be careful. There are dozens of way to implement this. My way is
> simple, but makes use of too many sql queries I believe. Could have stored
> everything in one line and grab it at user's login, but anyway.... My
> current way seems more logical to follow and update.
>
> I have created these 'groups of power', where you can add/remove users.
> Since an user can be part of more than one group, I store in a session array
> these groups ids.
>
> In a page where it's necessary to verify if the user (actually, the groups
> he's attached to) can perform certain actions, there's a little check like
> this:
>
> $var = '';
> foreach ($_SESSION['user']['group_ids'] as $value) {
> $var .= "OR group_id = '$value' ";
> }
>
> And a Mysql query:
>
> // 'groups' is a table with a collumn for every section of the site.
> $sql = "SELECT section_power FROM groups WHERE id = 0 " . $var . "AND active
> = 1";
> $res = mysql_query($sql);
> while (list($section_power) = mysql_fetch_array($res)) {
> // using parse_str() since the data is stored om Mysql as:
> // r=1&w=1&d=0&m=0
> parse_str($section_power);
> // More on discover_power() below
> discover_powers($r,$w,$d,$m);
> }
>
> function discover_powers($r, $w, $d, $m) {
> // If there's no current power defined:
> if (!isset($_SESSION['user']['powers']['section']['w'])) {
> // User's power the same as the var;
> $_SESSION['user']['powers']['section']['w'] = $w;
> } else {
> // Else, in the while loop above, he's assigned to one group with
> power = 0
> // and another one with power = 1, let the user get 1
> if ($w > $_SESSION['user']['powers']['section']['w']) {
> $_SESSION['user']['powers']['section']['w'] = $w;
> }
> }
>
>
> Well, pretty much is like this. I am close to redesign the whole thing
> because of the many SQL queries, the while loop calling two functions for
> every group the user is attached, and because it's plain a 'not-elegant'
> solution.
>
> Feel free to steal any ideas :-D
>
> --
>
> Julio Nobrega.
>
> Um dia eu chego lá:
> http://sourceforge.net/projects/toca
>
>
>
>
--
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
