php user authentication - design question

A

Anonymous

Guest
Hi,

I have a question, and hoping that someone possible already ran into this before and can give me advice :)

I have mySQL database with users / passwords. I have a script which checks user permissions when user logs in. Each one of the pages on the site needs to include this php-check-permissions script. Is there any way to avoid it? In other words, is there any way not to include this script into every file, but check permissions on a directory level (similar to htpasswd)? (I can't use htpasswd for it, since users need to be added/deleted by admin users, who don't have root permissions to the htpasswd file)

I will greatly appreciate any help!

Thanks in advance,

Lena
 
Put the authentication stuff in a separate file and just include that file from every page.
 
That is the way I've usually done it, but this site contains a lot of files, and they don't want to include my php file in all of them, also considering that someone in the future might forget to include it for some new page. I guess there is no other way, though (?) I was also trying to check if I can include something like that in php.ini file.
 
You can automatically append or prepend things to files via Apache directives, though that's hardly an ideal solution.
 
Back
Top