Solved

Authentication for multiple user type in php

Posted on 2004-10-13
4
236 Views
Last Modified: 2012-05-07
I have a problem on authentication in php. You see, I have three types of account, one for a guest, one for a normal member and another one for an administrator. Now, how can I limit the directories that each type of member account can access? for example, a member will normally gain access to the default.php page. However, he shouldn't be able to access the admin.php page. How do I resolve this?
0
Comment
Question by:Gianz
4 Comments
 
LVL 5

Accepted Solution

by:
php-webdesign earned 70 total points
ID: 12305900
i gues you put the information in sessions

create a file inc_logged_in_heretheuserlevel(eg admin).php:

<?
if($_SESSION['userlevel'] != "admin"){
  die("Not allowd to enter this page!!");
}
?>

and inlcude this file on every page you only want your admin to enter it. And for user and guest do the same
0
 
LVL 2

Expert Comment

by:hewtluca
ID: 12305955
Yeah php-webdesign is right........put what he says at the top of the pages you want to protect.

Just assign your session variables at the same time they login.......I also assign

$_SESSION['logged']==true

Just make sure you destroy the session when they logout.

Hewt
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Consider the following scenario: You are working on a website and make something great - something that lets the server work with information submitted by your users. This could be anything, from a simple guestbook to a e-Money solution. But what…
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

929 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now