Friday, August 19, 2005

PHP Users authorization - some ideas?

User management is always a problem with web developers. You can see everywhere, that a visitor must sign up for several times in order to use different service in one website. That is boring and makes a lot of people run away. If you are the one who create a full website for yourself, I think you will unite the user management. That is true for some famous open source like php-nuke, xoops.
Basically, the user management involves 2 database tables, say, tb_users and tb_groups. tb_users contains user_id, user_name, user_password, group_id and other information.
tb_groups contains group_id, group_name and some authority like: auth_view, auth_post, auth_upload,...
Whenever a user is logged and try to use a service, the php code will check the database to see if he have right or not.
The following is a proposal function to it conveniently
function check_auth($user_id,$auth)
////For example check_auth('upload')
{ 
global $_CONNECTION; 
$group_id=get_group($user_id);
$field="auth_$auth";
$sql="SELECT $field                
      FROM ".TB_GROUPS."     
      WHERE group_id=$group_id"; 
if ($result=mysql_query($sql,$_CONNECTION))
{  
     if  (mysql_num_rows($result)) 
     { 
           return mysql_result($result,0,$field);       
     }
     else   
     {
          return 0; 
     }
}
else
{
      return 0;
}
}//end function


If you have other ideas, please share ;)

Được đăng bởi vào lúc

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)