it's the difference between group/category or "object level" access:
i.e. "this function is level 1, and all level 1 users can execute it)
or
this function may be executed by level 1, level 2 users, but that function
may only be executed by level 3"
or
user x can access:
-function 1
-function 2
etc (ver long list :)
_alex
--
Alex Black, Head Monkey
[EMAIL PROTECTED]
The Turing Studio, Inc.
http://www.turingstudio.com
vox+510.666.0074
fax+510.666.0093
Saul Zaentz Film Center
2600 Tenth St Suite 433
Berkeley, CA 94710-2522
> From: [EMAIL PROTECTED] (Chris Aitken)
> Newsgroups: php.general
> Date: 17 Jan 2001 15:07:06 -0800
> Subject: Re: [PHP] < Levels of Access >
>
> At 10:36 PM 17/01/2001, you wrote:
>> Hey Guys,
>>
>> I wonder if anyone can shed light...
>> I have a system that internal users access -
>>
>> I have separated access levels into 1, 2, 3 etc. So if you have access 1
>> you can view certain things - If you are 2 then you can view more or other
>> things.
>>
>> However the problem arises when someone in access level 1 wants to access a
>> level 2 function. I then manually specify that:
>>
>> if (access = 2 or user=joe) {
>> Allow the functions ...
>> }
>>
>> This can get messy - as individuals will be specified all over the place on
>> a large system to override levels of access.
>>
>> Is there a sensible standard that is used to have levels of access but
>> special people can access certain higher level functions.?
>
>
> Why not have a database with all usernames/passwords/access levels in
> there, and when the user logs in (either with htpasswd or a form login
> script system) that info is recorded by a cookie.
>
> Than have a function which is at the start of every page which passes the
> access level of the user, and which levels can access the page. Say there
> was 5 levels, you could call the function this way
>
> auth_user("$access_level","N","N","Y","N","Y");
>
> The function just needs to grab the first variable as the users given
> access level, then the next 5 variables state whether levels 1 thru 5 are
> allowed to view the page (only level 3 and 5 can view it in the above
> example). If the users access level returns a Y for its corresponding
> level, then its allowed to proceed, otherwise they are shuffled off to a
> page telling them to (nicely) go away.
>
> I dunno if this is a clutzy way of doing it (chances are it is) but thats
> how I would try and implement it, and you can also create a nice simple
> admin screen system to maintain all users and access levels. Change it in
> the DB and its instant on all pages.
>
>
>
>
> Chris
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
