Re: [PHP] user access/roles/privs functionality
bruce-60 wrote: Hi list... I need a way of managing users/teams/etc.. implementing roles/access rights/privs,etc... Have a look at Zend_Acl: http://framework.zend.com/manual/en/zend.acl.html - http://devshed.excudo.net http://devshed.excudo.net -- View this message in context: http://www.nabble.com/user-access-roles-privs-functionality-tp20508624p20620446.html Sent from the PHP - General mailing list archive at Nabble.com. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] user access/roles/privs functionality
On Sat, Nov 15, 2008 at 11:21 AM, bruce [EMAIL PROTECTED] wrote: Hi list... I need a way of managing users/teams/etc.. implementing roles/access rights/privs,etc... I'd like a way of being able to have users report to the resource above them, ie, the ability to have a hierarchical kind of tree approach would be good as wel, as this would allow different user/mgr/teams to be moved up/down in the tree as required. If I can find the right process, I'll implement it in my targeted app. I'd prefer something that's fairly well compartmentalized.. but if need be, I'm willing to rip the right system out of it's parent app if I can find one that's good!!! I've reviewed the systems in the vtiger/knowledgetree apps. thoughts/comments/pointers would be useful! thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Take a look at Zend_Acl If your needs are bigger than a simple user/group access schema as you describe, then I would suggest considering LDAP. PHP has support for it although I haven't wrote something using this API. I have been using it to authenticate my users some years ago an it is quite fast and rich. You certainly have a tree since LDAP is a directory although AFAIK it is slower when writing if you compare it with a database but much faster when reading data. So in case your users' info are changing very often then this is probably not the best solution for you but in any other case try to see if it fits your needs. http://gr2.php.net/manual/en/intro.ldap.php -- Thodoris
[PHP] user access/roles/privs functionality
Hi list... I need a way of managing users/teams/etc.. implementing roles/access rights/privs,etc... I'd like a way of being able to have users report to the resource above them, ie, the ability to have a hierarchical kind of tree approach would be good as wel, as this would allow different user/mgr/teams to be moved up/down in the tree as required. If I can find the right process, I'll implement it in my targeted app. I'd prefer something that's fairly well compartmentalized.. but if need be, I'm willing to rip the right system out of it's parent app if I can find one that's good!!! I've reviewed the systems in the vtiger/knowledgetree apps. thoughts/comments/pointers would be useful! thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] user access/roles/privs functionality
On Sat, Nov 15, 2008 at 11:21 AM, bruce [EMAIL PROTECTED] wrote: Hi list... I need a way of managing users/teams/etc.. implementing roles/access rights/privs,etc... I'd like a way of being able to have users report to the resource above them, ie, the ability to have a hierarchical kind of tree approach would be good as wel, as this would allow different user/mgr/teams to be moved up/down in the tree as required. If I can find the right process, I'll implement it in my targeted app. I'd prefer something that's fairly well compartmentalized.. but if need be, I'm willing to rip the right system out of it's parent app if I can find one that's good!!! I've reviewed the systems in the vtiger/knowledgetree apps. thoughts/comments/pointers would be useful! thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Take a look at Zend_Acl -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] user access/roles/privs functionality
Hi list... I need a way of managing users/teams/etc.. implementing roles/access rights/privs,etc... I'd like a way of being able to have users report to the resource above them, ie, the ability to have a hierarchical kind of tree approach would be good as wel, as this would allow different user/mgr/teams to be moved up/down in the tree as required. If I can find the right process, I'll implement it in my targeted app. I'd prefer something that's fairly well compartmentalized.. but if need be, I'm willing to rip the right system out of it's parent app if you can show me one that's good!!! thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] User Access
How would one go about allowing editable access to only the entry creator For example: If I added an entry to the site and only wanted myself to be able to edit / delete it, likewise with other users how would I go about setting this up in DW MX on PHP4 and mysql?? Cheers Ryan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] User Access
Sorry but your problem isn't very clear. If you are talking of dreamweaver problem you are better off using their support forums. Or are you talking about a wiki site? Ryan Stagg wrote: How would one go about allowing editable access to only the entry creator For example: If I added an entry to the site and only wanted myself to be able to edit / delete it, likewise with other users how would I go about setting this up in DW MX on PHP4 and mysql?? Cheers Ryan -- http://www.radinks.com/upload Drag and Drop File Uploader. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] User Access
No it's not a Dreamweaver problem I have a site where users can insert data via a PHP form, I want to be able to set up a system where the user can login and edit their entries only, in other words they cant edit another users data. Ryan Raditha Dissanayake [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Sorry but your problem isn't very clear. If you are talking of dreamweaver problem you are better off using their support forums. Or are you talking about a wiki site? Ryan Stagg wrote: How would one go about allowing editable access to only the entry creator For example: If I added an entry to the site and only wanted myself to be able to edit / delete it, likewise with other users how would I go about setting this up in DW MX on PHP4 and mysql?? Cheers Ryan -- http://www.radinks.com/upload Drag and Drop File Uploader. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] User Access
Sounds like a wiki in it's simplest form. Please do a search for php wiki in sourceforge or hotscripts you will be able to find lots of scripts that let you achieve just this. all the best Ryan Stagg wrote: No it's not a Dreamweaver problem I have a site where users can insert data via a PHP form, I want to be able to set up a system where the user can login and edit their entries only, in other words they cant edit another users data. Ryan Raditha Dissanayake [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Sorry but your problem isn't very clear. If you are talking of dreamweaver problem you are better off using their support forums. Or are you talking about a wiki site? Ryan Stagg wrote: How would one go about allowing editable access to only the entry creator For example: If I added an entry to the site and only wanted myself to be able to edit / delete it, likewise with other users how would I go about setting this up in DW MX on PHP4 and mysql?? Cheers Ryan -- http://www.radinks.com/upload Drag and Drop File Uploader. -- http://www.radinks.com/upload Drag and Drop File Uploader. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] User access rights..
Hello, I have a machine which is running Php4 on Apache 1.3 And I want to make a hosting site that the users can register themselves online. They will have a home directory and so they will be able to put their web files (html, php, images etc.) under there. I want to keep their information on Mysql. That is, if possible I don't want to create real system accounts. I'll do all this work (create user, its home etc) with PHP. There is no problem at this point. The problem is... using PHP, they can open any file that is readable to nobody account (Apache user).. So it can read and even edit other users' files.. Consquently, the users should be able to access only and only their home directories. How can I do this? Thanks in advance.. Ali Pakkan E-mail: [EMAIL PROTECTED] Gsm: +90542 3268742 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] User access rights..
On Sunday 25 November 2001 03:30 pm, you wrote: The problem is... using PHP, they can open any file that is readable to nobody account (Apache user).. So it can read and even edit other users' files.. Consquently, the users should be able to access only and only their home directories. Short answer; you can't. Long answer; if users have shell accounts, there is no way you can do what you're trying to do. If you limit users to FTP access and PHP *only* (i.e. no telnet, ssh, custom CGI, Perl or other languages that can access the file system) then you can use PHP safe mode to at least protect PHP. Read the Security chapter in the PHP manual. (chapter 4, I believe) This topic has been discussed extensively before on the list, so you may also want to search the list archives for more details. --kurt -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] User access rights..
I should explain a bit more in detail.. Actually, the users can have php files. And these php files can access other users' stuff. And consider they are real users, then how will i tell Apache server to run as the user owning the file? Is it impossible for a real solution? On Sun, 25 Nov 2001, Hank Marquardt wrote: I want to keep their information on Mysql. That is, if possible I don't want to create real system accounts. The problem is... using PHP, they can open any file that is readable to nobody account (Apache user).. So it can read and even edit other users' files.. These two statements seem at odds with each other (to me anyway) .. if you're completely managing the user 'virtually' within mysql you could manage all your permissions and access within the database with sessions and a user id ... if on the other hand you are creating accounts on the system just with a nologin shell, then you're in a pickle with no real solution ... if the 'nobody' group needs read permission then you're correct that most anyone can read anyone else's work ... you're only real option is to create some kind of wrapper script for accessing the files that checks the db perms first. BTW, there are *lots* of ISPs offering shell access (and web accounts) out there where this is an issue ... the entire /home tree is 0755 permed and user a can read/execute user b's stuff. even a 0750 doesn't fix it most of the time as the users share a common group ... I guess you could go with 0750, set uid=gid and then add 'nobody' to everyone's groups though ... ... enough, I'm just thinking out loud now. Hank -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]