One solution:
You set up a separate table:
user_level { level_id (unsigned int), level_description (varchar 100 )}
it looks like this:
level_id level_description
100 admin
200 user
In your user table you add level_id as a field.
After a good validation of the user (username and password), you grab the
level_id
and make a session variable out of it.
Than in you page you decide what you show or not to the user based upon the
level_id
if( $level_id <= 100 ){
show link for admin
}
if( $level_id >= 101 && $level_id <= 200 ){
show link for user
}
Having another table and separating the id by a hundred number lets you add
more security level as the site grows.
This is one solution, I am shure there is many more and I would
like to see what other people do as well...
py
----- Original Message -----
From: Jordan Elver <[EMAIL PROTECTED]>
To: PHP General Mailing List <[EMAIL PROTECTED]>; PHP DB Mailing
List <[EMAIL PROTECTED]>
Sent: Friday, March 16, 2001 7:28 PM
Subject: [PHP] Login System with access levels
> Hi,
> I've got a db with a username and password in it. I can let people log in,
> like SELECT * FROM table WHERE username = username AND password =
password.
>
> But how can I add an access level column so that I can have different
levels
> of security. So admin's can read everything, but users can only read
certain
> sections.
>
> How could I add to my db and structure a query?
>
> Any ideas would be good,
>
> Cheers,
>
> Jord
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
