October 29th, 2009, 10:48 PM
|
|
Registered User
|
|
Join Date: Sep 2009
Posts: 20
Time spent in forums: 7 h 40 m 5 sec
Reputation Power: 0
|
|
|
Authentication levels and different pages
I am currently trying to create an authentication system that recognizes levels of users as well as keeps pages not accessible secure from others. I have the code down pact. But my problem lies in how to properly put it out without having to make two separate pages; one for members and one for non members. There are certain areas of the website that will be open access to everyone without signing in but others I need secure access with.
The way I have things set up now is I have two headers, one for members and one for non members. I want to acheive functionality where all I need is one header while the coding does the rest. I just cannot figure out how the heck to do it. Below is my code. I just need some fresh insight on this and a better way to go about setting all of this up.
This is the function that checks for blank entries as well as provides access based on access level:
PHP Code:
<?php
require_once('connection.php');
function checkLogin($levels)
{
// Check whether the session variable SESS_MEMBER_ID is present or not
if(!isset($_SESSION['SESS_USER']) || (trim($_SESSION['SESS_USER']) == '')) {
if(!$_SESSION['SESS_LOGGED_IN'])
{
$access = FALSE;
}
else {
$kt = split(' ', $levels);
$query = ('SELECT level_access FROM users WHERE id = "'.mysql_real_escape_string($_SESSION['SESS_USER']).'"');
$info = mysql_query($query);
$row = mysql_fetch_assoc($info);
$access = FALSE;
while(list($key,$val)=each($kt))
{
if($val==$row['level_access'])
{//if the user level matches one of the allowed levels
$access = TRUE;
}
}
}
if($access==FALSE)
{
header("Location: signin.php");
}
else {
//do nothing: continue
}
}
}
?>
This is the file that checks for members on pages that require it:
PHP Code:
<?php
//Start session
session_start();
require_once('access-function.php');
checkLogin('1 2');
?>
And this is the header file for members who are signed in, I would like to make a more universal one that I can put across all pages and save some serious time:
Code:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link href="homeCSS.css" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="header.js"></script>
</head>
<body onload="MM_preloadImages('buttons/rollover/','buttons/rollover/home.jpg','buttons/rollover/product_gallery.jpg','buttons/rollover/online_catalog.jpg','buttons/rollover/current_deals.jpg','buttons/rollover/customize.jpg','buttons/rollover/my_box.jpg','buttons/rollover/track_box.jpg','buttons/rollover/contact_us.jpg')">
<center>
<!--Start header -->
<div align="center" id="header">
<table width="100%" border="0" align="center">
<tr>
<td> </td>
<td> </td>
<td colspan="4" align="center"><a style="text-decoration:none" href="members.php"><img src="ssd logos/ssd_full_logo.jpg" width="305" height="106" alt="logo" longdesc="http://www.simplysaucedesigns.com/amir/members.php" border="0";/></a></td>
<td colspan="2" align="right" valign="bottom"><em><a href="profile.php"><?php echo $_SESSION['SESS_USER']; ?> 's Box</a> | <a href="logout.php">Signout</a></em></td>
</tr>
<tr>
<td><a href="members.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image2','','buttons/rollover/home.jpg',1)"><img src="buttons/original image/home.jpg" alt="home" name="Image2" width="112" height="31" border="0" id="Image2" /></a> </td>
<td><a href="gallery.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image3','','buttons/rollover/product_gallery.jpg',1)"><img src="buttons/original image/product_gallery.jpg" alt="gallery" name="Image3" width="112" height="31" border="0" id="Image3" /></a> </td>
<td><a href="catalog.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image4','','buttons/rollover/online_catalog.jpg',1)"><img src="buttons/original image/online_catalog.jpg" alt="catalog" name="Image4" width="112" height="31" border="0" id="Image4" /></a> </td>
<td><a href="deals.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image5','','buttons/rollover/current_deals.jpg',1)"><img src="buttons/original image/current_deals.jpg" alt="deals" name="Image5" width="112" height="31" border="0" id="Image5" /></a> </td>
<td><a href="customize.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image6','','buttons/rollover/customize.jpg',1)"><img src="buttons/original image/customize.jpg" alt="customize" name="Image6" width="112" height="31" border="0" id="Image6" /></a> </td>
<td><a href="mybox.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image7','','buttons/rollover/my_box.jpg',1)"><img src="buttons/original image/my_box.jpg" alt="mybox" name="Image7" width="100" height="31" border="0" id="Image7" /></a> </td>
<td><a href="tracking.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image8','','buttons/rollover/track_box.jpg',1)"><img src="buttons/original image/track_box.jpg" alt="trackbox" name="Image8" width="112" height="31" border="0" id="Image8" /></a> </td>
<td valign="top"><a href="contact.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image9','','buttons/rollover/contact_us.jpg',1)"><img src="buttons/original image/contact_us.jpg" alt="contact" name="Image9" width="112" height="31" border="0" id="Image9" /></a></td>
</tr>
</table>
</div><br />
<!--End header -->
</center>
</body>
</html>
Last edited by speckledapple : October 29th, 2009 at 10:50 PM.
|
Codewalkers Forums Sponsor:
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
