Hi there :) One of the most common methods of achieving this is by using session variables. First the user logins in through a form with a username and a password, you check these against the database to make sure they are who they say they are, once that is established you could create a session variable called "$USERID" (or something a little less intutive:) once retrieving the $USERID, and do a check within every page to see what $USERID they are and perform the appropriate actions.
Check out sessions at : http://www.php.net/manual-lookup.php?pattern=sessions Cheers, Joe :) Wg4- Cook <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi there, > > I am struggling with a concept and can't seem to find a way to do it so > hoping you all can help. > > We want to use PHP with MySql Db. > For security reasons on the DB, it is to be accessed only through this front > end i.e. via the internal web > Each user will have a number of levels of access to various parts of the > system, so the obvious design is one where there is only 1 real login to the > MySQL db (i.e. the system will auto log everyone in as this without them > knowing it), and then the user is validated against a table in my DB which > holds the access rights. I can get through the login OK, and get my table to > return "USERID" for this person. Now I need that "USERID" available to ALL > other pages so I can use it to determine what parts of screens to show, and > what to allow them to do. > > My question is how do I make this variable available to all pages?? Do I > have to include it with the variables passed to each page or is there a > simpler way of doing it. Can I put the variable in an include file and > include it in every page - will that work?. > > Surely someone must have had a similar situation before and can tell me how > they solved it. > > Many thanks > > Janet > > > -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php