Hi there :) One of the most common methods of achieving this is by using
session variables. First the user logins in through a form with a username
and a password, you check these  against the database to make sure they are
who they say they are, once that is established you could create a session
variable called "$USERID"   (or something a little less intutive:) once
retrieving the $USERID, and do a check within every page to see what $USERID
they are and perform the appropriate actions.

Check out sessions at :
http://www.php.net/manual-lookup.php?pattern=sessions

Cheers, Joe :)





Wg4- Cook <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi there,
>
> I am struggling with a concept and can't seem to find a way to do it so
> hoping you all can help.
>
> We want to use PHP with MySql Db.
> For security reasons on the DB, it is to be accessed only through this
front
> end i.e. via the internal web
> Each user will have a number of levels of access to various parts of the
> system, so the obvious design is one where there is only 1 real login to
the
> MySQL db (i.e. the system will auto log everyone in as this without them
> knowing it), and then the user is validated against a table in my DB which
> holds the access rights. I can get through the login OK, and get my table
to
> return "USERID" for this person. Now I need that "USERID" available to ALL
> other pages so I can use it to determine what parts of screens to show,
and
> what to allow them to do.
>
> My question is how do I make this variable available to all pages??  Do I
> have to include it with the variables passed to each page or is there a
> simpler way of doing it.  Can I put the variable in an include file and
> include it in every page - will that work?.
>
> Surely someone must have had a similar situation before and can tell me
how
> they solved it.
>
> Many thanks
>
> Janet
>
>
>



-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to