On Tuesday 12 November 2002 02:05, Ray Seals wrote:
> I would like for my pages to generate HTML code based on a users
> rights. For example I have a table called user and it looks like this
>
> userid password admin user
> --------------------------------------
> me mypass Y
> you yourpass Y
>
> When a person logs in they are authenticated against this table. Once
> they are logged in I would like to build a page with a few links. If
> the person has a Y in the admin, I would like to offer an additional
> link on the page for some admin functions.
>
> My question is this, when a person logs in I know the user name and
> password is stored in the $_POST global. How long does that stay
> available.
For all practical purposes[1] just treat it as if it's not available after the
person is logged in.
> Can I recall the userid and password, query the database and
> then generate a page based on those results?
Yes, but see [1].
> Would I be better off
> using the session information or setting cookies?
You definitely want to be looking at sessions. Search for some "user
authentication" tutorials.
[1] Unless you continue propagating the login info (user/password) via hidden
elements in a form (which btw, is a very foolish thing to do) they would only
be available on the page that is handling your login.
--
Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
/*
Experience is not what happens to you; it is what you do with what happens
to you.
-- Aldous Huxley
*/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
