I am creating an online Alumni Tracking System for my college. There will be three types of users: Alumni, Faculty and Administrators. Alumni can do restricted/limited queries and can update their own record. Faculty can create and update all alumni records and use many queries. Administrators can create and delete faculty users.
I want to have three levels of access corresponding to the three user types. What is the best coding practice to implement this? Is it better to create a page for each user, or to create one page that decides what content to display depending on the user-type? Which method is the most secure? Secondly, which is easiest?