PHP Coding
 
Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
User Name:
Password:
Remember me
Go Back   Codewalkers ForumsPHP RelatedPHP Coding

Reply
Add This Thread To:
  Del.icio.us   Digg   Google   Spurl   Blink   Furl   Simpy   Y! MyWeb 
Thread Tools Search this Thread Rate Thread Display Modes
 
Unread Codewalkers Forums Sponsor:
  #1  
Old October 29th, 2009, 10:48 PM
speckledapple speckledapple is offline
Registered User
Codewalkers Newbie (0 - 499 posts)
 
Join Date: Sep 2009
Posts: 20 speckledapple User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 7 h 40 m 5 sec
Reputation Power: 0
Authentication levels and different pages

I am currently trying to create an authentication system that recognizes levels of users as well as keeps pages not accessible secure from others. I have the code down pact. But my problem lies in how to properly put it out without having to make two separate pages; one for members and one for non members. There are certain areas of the website that will be open access to everyone without signing in but others I need secure access with.

The way I have things set up now is I have two headers, one for members and one for non members. I want to acheive functionality where all I need is one header while the coding does the rest. I just cannot figure out how the heck to do it. Below is my code. I just need some fresh insight on this and a better way to go about setting all of this up.

This is the function that checks for blank entries as well as provides access based on access level:

PHP Code:
<?php
require_once('connection.php');


    function 
checkLogin($levels)
    {
    
// Check whether the session variable SESS_MEMBER_ID is present or not
    
if(!isset($_SESSION['SESS_USER']) || (trim($_SESSION['SESS_USER']) == '')) {
            if(!
$_SESSION['SESS_LOGGED_IN'])
        {
            
$access FALSE;
        }
        else {
            
$kt split(' '$levels);
            
            
$query = ('SELECT level_access FROM users WHERE id = "'.mysql_real_escape_string($_SESSION['SESS_USER']).'"');
            
$info mysql_query($query);
            
$row mysql_fetch_assoc($info);
            
            
$access FALSE;
            
            while(list(
$key,$val)=each($kt))
            {
                if(
$val==$row['level_access'])
                {
//if the user level matches one of the allowed levels
                    
$access TRUE;
                }
            }
        }
        if(
$access==FALSE)
        {
            
header("Location: signin.php");
        }
        else {
        
//do nothing: continue
        
}
        
    }
    }
?>




This is the file that checks for members on pages that require it:
PHP Code:
<?php
    
//Start session
    
session_start();
    require_once(
'access-function.php');
    
    
checkLogin('1 2');
    
?>


And this is the header file for members who are signed in, I would like to make a more universal one that I can put across all pages and save some serious time:

Code:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link href="homeCSS.css" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="header.js"></script>
</head>
<body  onload="MM_preloadImages('buttons/rollover/','buttons/rollover/home.jpg','buttons/rollover/product_gallery.jpg','buttons/rollover/online_catalog.jpg','buttons/rollover/current_deals.jpg','buttons/rollover/customize.jpg','buttons/rollover/my_box.jpg','buttons/rollover/track_box.jpg','buttons/rollover/contact_us.jpg')">
<center>
  <!--Start header -->
<div align="center" id="header">

<table width="100%" border="0" align="center">
    <tr>
    <td>&nbsp;</td>
    <td>&nbsp;</td>
    <td colspan="4" align="center"><a style="text-decoration:none" href="members.php"><img src="ssd logos/ssd_full_logo.jpg" width="305" height="106" alt="logo" longdesc="http://www.simplysaucedesigns.com/amir/members.php" border="0";/></a></td>
    <td colspan="2" align="right" valign="bottom"><em><a href="profile.php"><?php echo $_SESSION['SESS_USER']; ?> 's Box</a> | <a href="logout.php">Signout</a></em></td>
    </tr>
  <tr>
    <td><a href="members.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image2','','buttons/rollover/home.jpg',1)"><img src="buttons/original image/home.jpg" alt="home" name="Image2" width="112" height="31" border="0" id="Image2" /></a>&nbsp;</td>
    <td><a href="gallery.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image3','','buttons/rollover/product_gallery.jpg',1)"><img src="buttons/original image/product_gallery.jpg" alt="gallery" name="Image3" width="112" height="31" border="0" id="Image3" /></a>&nbsp;</td>
    <td><a href="catalog.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image4','','buttons/rollover/online_catalog.jpg',1)"><img src="buttons/original image/online_catalog.jpg" alt="catalog" name="Image4" width="112" height="31" border="0" id="Image4" /></a>&nbsp;</td>
    <td><a href="deals.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image5','','buttons/rollover/current_deals.jpg',1)"><img src="buttons/original image/current_deals.jpg" alt="deals" name="Image5" width="112" height="31" border="0" id="Image5" /></a>&nbsp;</td>
    <td><a href="customize.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image6','','buttons/rollover/customize.jpg',1)"><img src="buttons/original image/customize.jpg" alt="customize" name="Image6" width="112" height="31" border="0" id="Image6" /></a>&nbsp;</td>
    <td><a href="mybox.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image7','','buttons/rollover/my_box.jpg',1)"><img src="buttons/original image/my_box.jpg" alt="mybox" name="Image7" width="100" height="31" border="0" id="Image7" /></a>&nbsp;</td>
    <td><a href="tracking.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image8','','buttons/rollover/track_box.jpg',1)"><img src="buttons/original image/track_box.jpg" alt="trackbox" name="Image8" width="112" height="31" border="0" id="Image8" /></a>&nbsp;</td>
    <td valign="top"><a href="contact.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image9','','buttons/rollover/contact_us.jpg',1)"><img src="buttons/original image/contact_us.jpg" alt="contact" name="Image9" width="112" height="31" border="0" id="Image9" /></a></td>
  </tr>

</table>

</div><br />
<!--End header -->
</center>
</body>
</html>

Last edited by speckledapple : October 29th, 2009 at 10:50 PM.

Reply With Quote
  #2  
Old October 29th, 2009, 11:04 PM
IAmALlama IAmALlama is offline
Me
Click here for more information. Click here for more information
 
Join Date: Apr 2007
Location: San Diego, CA
Posts: 2,069 IAmALlama User rank is Private First Class (20 - 50 Reputation Level)IAmALlama User rank is Private First Class (20 - 50 Reputation Level) 
Time spent in forums: 1 Week 6 Days 7 h 43 m 34 sec
Reputation Power: 5
try saving the array of user levels in the session as well and just doing an if statement to see if they can access it.

PHP Code:
<?php
//some menu at the top
echo<<<HTML
<a href='/home'>Home</a>
<a href='/page1'>page1</a>
<a href='/page2'>page2</a>
<a href='/page3'>page3</a>
HTML;
//check if they have level 9 or whatever
if(in_array(9$_SESSION['USER_LEVELS'])){
    
//if they have level 9 access then show the level 9 menu
    
echo "<a href='/level9'>Level 9</a>";
}
?>

Reply With Quote
  #3  
Old October 30th, 2009, 10:07 AM
cjones cjones is offline
Contributing User
Codewalkers Newbie (0 - 499 posts)
 
Join Date: Apr 2007
Posts: 63 cjones User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 1 Day 10 h 19 m 41 sec
Reputation Power: 3
authentication logon

This kid might give you a few hinters. He's 14 and certainly showed me a few good tricks with the code.

http://www.tutorialparadise.com/watchtutorial.php?tid=388

They only last 10mins so its worth havin a look

Reply With Quote
  #4  
Old November 9th, 2009, 09:42 AM
speckledapple speckledapple is offline
Registered User
Codewalkers Newbie (0 - 499 posts)
 
Join Date: Sep 2009
Posts: 20 speckledapple User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 7 h 40 m 5 sec
Reputation Power: 0
Quote:
Originally Posted by IAmALlama
try saving the array of user levels in the session as well and just doing an if statement to see if they can access it.

PHP Code:
<?php
//some menu at the top
echo<<<HTML
<a href='/home'>Home</a>
<a href='/page1'>page1</a>
<a href='/page2'>page2</a>
<a href='/page3'>page3</a>
HTML;
//check if they have level 9 or whatever
if(in_array(9$_SESSION['USER_LEVELS'])){
    
//if they have level 9 access then show the level 9 menu
    
echo "<a href='/level9'>Level 9</a>";
}
?>


Hi, I am really interested in how that would be accomplished? I understand putting the levels in an array so it can be accessed by one formula, but for instance if I wanted to show certain things on my pages, like if I wanted to the specific menu for members and a non member menu for non members. I actually got them levels thing to work, I would just love to condense my pages more instead of having separate ones.

Reply With Quote
Reply

Viewing: Codewalkers ForumsPHP RelatedPHP Coding > Authentication levels and different pages


Thread Tools  Search this Thread 
Search this Thread:

Advanced Search
Display Modes  Rate This Thread 
Rate This Thread:


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
View Your Warnings | New Posts | Latest News | Latest Threads | Shoutbox
Forum Jump




 Free IT White Papers!
 
Create the Optimal Architecture for your Critical Applications
Warburton's the largest independently owned bakery in the UK faced a number of difficult challenges in providing the most robust yet efficient IT infrastructure for their organization's success. IBM's services combined with their xSeries servers created the perfect platform for their SAP environment with sufficient flexibility, and did so in very time effective fashion.

Request Your Free Technology Downloads!
 
Five Best Practices for Deploying a Successful Service-Oriented Architecture
This white paper describes the benefits you can expect with SOA, and how IBM can help take your business there.

Request Your Free Technology Downloads!
 
Gartner Magic Quadrant for Application Delivery Controllers
Gartner summarizes its view on Application Delivery Controllers, evaluates strengths and weaknesses of solutions, and provides Magic Quadrant reporting for a quick comparison across all vendors. Learn from Gartner how you can benefit from an all-in-one device like Citrix NetScaler that delivers the highest levels of availability, performance and security.

Request Your Free Technology Downloads!
 
Knowledge is Power
What you don't know can hurt you, and is likely costing you money and increasing your security risks during an era of scarce resources. This white paper proposes six key strategies that enterprise security managers can use to improve their network defense posture.

Request Your Free Technology Downloads!
 
Rationalizing the Multi-Tool Environment
The rationalized multi-tool approach is flexible, scalable and cost effective. It provides the necessary input to the IT service management business processes. It preserves prior investments in monitoring tools, empowers technologists to select the best tools with which to do their jobs, and enhances effective response to incidents.

Request Your Free Technology Downloads!
 

Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
  
 




© 2003-2010 by Developer Shed. All rights reserved. DS Cluster 11 Hosted by Hostway
For more Enterprise Application Development news, visit eWeek