On Tuesday 12 November 2002 02:05, Ray Seals wrote: > I would like for my pages to generate HTML code based on a users > rights. For example I have a table called user and it looks like this > > userid password admin user > -------------------------------------- > me mypass Y > you yourpass Y > > When a person logs in they are authenticated against this table. Once > they are logged in I would like to build a page with a few links. If > the person has a Y in the admin, I would like to offer an additional > link on the page for some admin functions. > > My question is this, when a person logs in I know the user name and > password is stored in the $_POST global. How long does that stay > available.
For all practical purposes[1] just treat it as if it's not available after the person is logged in. > Can I recall the userid and password, query the database and > then generate a page based on those results? Yes, but see [1]. > Would I be better off > using the session information or setting cookies? You definitely want to be looking at sessions. Search for some "user authentication" tutorials. [1] Unless you continue propagating the login info (user/password) via hidden elements in a form (which btw, is a very foolish thing to do) they would only be available on the page that is handling your login. -- Jason Wong -> Gremlins Associates -> www.gremlins.com.hk Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development * /* Experience is not what happens to you; it is what you do with what happens to you. -- Aldous Huxley */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php