controlling/creating accounts with privileges


Posted on 16th Feb 2014 07:03 pm by admin

hi all,
i'm trying to figure out how i can create/control account with privileges, for instance an Administrator creates an account but gives it guest privileges (able to see data but not edit, or delete it, not able to create users).

when a user logs in, i store his/her privileges is a session.
Code: $_SESSION['staff_privilege'] = $found_user['privilege'];
i wrote this function to check for privileges and placed it in the create user page. (1 = admin, 2 = guest)
Code: function get_privilege() {
if (logged_in() && isset($_SESSION['staff_privilege'])) {
if ($_SESSION['staff_privilege'] == 2) {
redirect_to("../staff/staff_browse.php?privilege=false");
}
} else {
redirect_to("../staff/index.php");
}
}

for instance if a user with guest privileges goes to create user page, he/she will get redirect to another page showing a message.

the above code is working, but i'm wanted other ideas about how this could be accomplished in another way
thanks

No comments posted yet

Your Answer:

Login to answer
142 Like 29 Dislike
Previous forums Next forums
Other forums

PHP5 - Verifying a secure mail is secure
I need to send an e-mail from a form to a external department and because it contains personal custo

Show message after entering data
Hello Colleagues

I would like to display messages after entering the data example: "
dat

getting weird error..
okay, I'm getting an error on this particular function, something about the syntax in the mysql LIMI

Procedural to OOP
John Kleijn said that to avoid writing "crappy code", we should learn OOP and common OO pr

Date help - fetch dates for Mondays between xxx and yyy?
Does anyone know the best way to do this? I have two dates, say:

2010-01-26 and 2010-05-30

paginate search result
Hi, I have a paginations script to display data from my database but i would like to paginate someon

mysql_real_escape_string
Let me preface this that I am very much a PHP noob, but I have some SQL training (not necessarily My

Variable passed to each() is not an array or object
Hi,

This is a email a friend type of form, and it isn't working anymore.

<?

SHOW TABLES Help
Hi all

I have the following

Code: [Select]<?php
$sql = "SHOW TABLES&quo

Request for tunning the below query
Hi,

Can any one help me on the below query while improving the performance,

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash