advice on sessions and navigation

A

Anonymous

Guest
hi there!

Ok,
I am trying to implement a login system.
According to who had logged in, i want different people to have access to different sites.
e.g Manager - all site
Admin - only inventory.

How can i do this???

The method im thinking of using;
Ask user to log on - getting there username and password. These will already be on a databse.
Check the access they have - this will be a number e.g.1,2,3,4 corresponding with their access.
On each page this number will be checked, using sessions. According to this number a certain menu for navigation will be shown, only allowing access to these parts of the site.
if someone tries to type in the url directly into a web browser, there is a check in place to see if a session exists, if not then the user will be asked to log in.




Will this do???

The system needs to be fairly secure.

Thanks
 
Hi K4pil,

Your login will work definately!

Cheers

I also have implemented the same logic so many times.
 
I would make a page class with security configuration. then on every instance of this class is different user allowed such as admin, usual users, etc.
when a page is requested, it will ask itself what type of security it needs then check for existence of session needed to unlock that page.

tell me if you don't comprehend it.
 
hi there!

Thanks for ur answers.

Can you expand on the security class??

How do i implement it and what difference will it make compared to the way i was going to do it??

Thanks in advance
 
k4pil, im affraid if you are not an experiensed programmer or dont have a basic understanding of OOP it will be hard for you to make something like that, i will actually suggest you using simple session-based authentication. The code for this has been brought up a few days ago:
http://www.php-forum.com/p/viewtopic.7148.html

I think you might like it
 
Well Alexei, I'm here to learn...so if anyone can help and expand on the security class may be i will improve as a programmer.
 
tell me if you have ever worked with OOP and what is your level of a programmer: and i will tell you what you need to know BEFORE we go there..
 
I have worked with OOP for two years - mainly Java. In fact im doing a degree in software engineering, and as it seems todays, all programming is OOP based with emphasis on OOA/D.

However, i am new to php and learning.

thanks
 
cool,
then you don't need to know more about classes,
a security class is nothing but a bunch of code, whose object is initiated on every single page before any of the page rendering, and depending upon many situations, it allows the user or redirects it...
something like this...
Code: 
<?php
if (!$secObj->isPermitted('sectionAdmin')) {
   $secObj->redirect('/forbidden.php?m=Authorization+indadequate');
}
...
code for that page.
...
?>
 
Welcome back Ruturajv after so long time. Where were you in these days.

We all were missing you.

:D
 
hehe...

Well yes: that was a basic way of authenticating (code to be placed into the page)
but the class itslef will most probalby need to be writen by you only as its only you know knows how the authentication will go and what security measures you would like to have.

PHP5 OO-structures is almost the same as in any other programming language.
some small differences are described at http://www.php.net documentation page.
Code: 
<?php

class MyClass
{

   public $variable = "test";
  
  function __construc()
  {
      //Init here
  }

  private function doSmth()
  {  
      //Something here
  }
}
?>
 
HOWEVER if you are using PHP4: there will be some big differences as OO-support in PHP4 was an add-on and not part of the core...

I suggest you use PHP5
 
php-vikas said:
Welcome back Ruturajv after so long time. Where were you in these days.

We all were missing you.

:D
Click to expand...

ye thanks, .. was in a trance I suppose :D
 
You must log in or register to reply here.
Back
Top