[PHP] How To Do This?

[Justin Kozuch]

Hey Everyone,
I'm struggling with an application I'm building for a client.
Depending on the person logged in, they have an authorization level
attached to their profile (1 for Administrator, 2 for Manager, etc).
When they successfully login, they are presented with a menu that is 
customized with options that can only be seen by certain ID levels, such 
as:

ID = 1:
View Ticket
Add Ticket
Edit Ticket
Delete Ticket
Reassign Ticket
ID = 2
View Ticket
Add Ticket
etc etc etc.
I was thinking of using an if statement, but I'm not quite sure how to 
tie this into the login application I've created in DW MX 2004.

Has anyone done this before? I'm looking for some direction on how to 
proceed.

Thanks,
Justin Kozuch
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Help w/ PHP Sessions

[Justin Kozuch]

Hi All,
I am creating an admin panel for a client, and part of the panel uses a 
menu system that, depending on the logged-in user's authorization level, 
displays certain menu items.

Here is the code that I have on the login form, called index.php


mysql_select_db($database_verspeeten, $verspeeten);
$query_rs_authlevel = "SELECT tbl_users.id_authlevel FROM tbl_users";
$rs_authlevel = mysql_query($query_rs_authlevel, $verspeeten) or 
die(mysql_error());
$row_rs_authlevel = mysql_fetch_assoc($rs_authlevel);
$totalRows_rs_authlevel = mysql_num_rows($rs_authlevel);
?>

// *** Register the variable named id_authlevel
session_start();
session_register("id_authlevel");
$id_authlevel = "id_authlevel";

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($accesscheck)) {
  $GLOBALS['PrevUrl'] = $accesscheck;
  session_register('PrevUrl');
}
if (isset($_POST['username'])) {
  $loginUsername=$_POST['username'];
  $password=$_POST['password'];
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "mainframe.php";
  $MM_redirectLoginFailed = "loginscripts/error.php";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_verspeeten, $verspeeten);
  $LoginRS__query=sprintf("SELECT username, password FROM tbl_users 
WHERE username='%s' AND password='%s'",
get_magic_quotes_gpc() ? $loginUsername : 
addslashes($loginUsername), get_magic_quotes_gpc() ? $password : 
addslashes($password));

  $LoginRS = mysql_query($LoginRS__query, $verspeeten) or 
die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
 $loginStrGroup = "";

  if (isset($_SESSION['PrevUrl']) && false) {
  $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
}
header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
header("Location: ". $MM_redirectLoginFailed );
  }
}
?>
http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
http://www.w3.org/1999/xhtml";>


.:. Verspeeten Computer Systems - Help Desk Login .:.

<br>
@import url("assets/css/verspeeten.css");<br>





  .:. please login .:.
  

  
  
  
  
  

Lost username/password?
  
  VCS HelpDesk v.1





Here is the code that I have on the main page, which is what they will 
see once they have logged in, this page is called mainframe.php

http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
http://www.w3.org/1999/xhtml";>


.:. Verspeeten Computer Systems - Help Desk Mainframe .:.






The issue that I am facing right now, is that whenever I try to login, 
it spits back this error:

Notice: Undefined variable: id_authlevel in 
c:\inetpub\wwwroot\verspeetensystems\mainframe.php on line 11

Notice: Undefined variable: id_authlevel in 
c:\inetpub\wwwroot\verspeetensystems\mainframe.php on line 13

Notice: Undefined variable: id_authlevel in 
c:\inetpub\wwwroot\verspeetensystems\mainframe.php on line 15

I was wondering if any of you would be able to shed some light on why 
this is happening. It's making me absolutely bonkers. I've looked at the 
PHP site for clues, but I can't seem to figure it out.

If you have any ideas, let me know. I'd be glad to hear them.
Sincerely,
Justin Kozuch
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php