3

I'm trying to understand how I can setup the right logic for what I'm trying to do.

I want to have a site that gives access to specific URLs based on the user type/category. So if User A subscribed to URLs 1,2,3 he should not be able to access 4,5,6 which User B has subscribed to.

I can easily write something that would check to see if a user is logged in before populating a series of links, but I dont want the links to be shared with other users.

I was thinking I might use a mysql query to select from where a user would match a certain group or type and put this query in every page so before loading the content it would check the db to make sure the right user is getting access to it.

What I want to know is 1. Is this the right method to do this? and 2. How would I structure my DB? Should I have it so that each page (or specific type of content) is it's own table and users are entered in to that table upon registration? Or is there another way to structure this that might be better logically and from a performance perspective?

Improve this question

2 Answers 2

Reset to default
2

You're on the right path with user's groups. And to make a select each time user loads the page would give you a poor performance, but here's a solution I used once with something very similar.

First create a table that holds user groups (in case you need to add groups later), then add an index to your users table to reference each user's group.

Then on your login query select the user group's ID along with user and pass, and store it to a $_SESSION var as you would with the other two fields, let's call it $_SESSION['groupid']

Then mix php and html on your page where you want to show the right links. this part will deppend on how many groups you have, if they are few (such as Admin, Moderator, User), this should do it:

<yourhtml pre-links>
<? if($_SESSION['groupid']==1)
{
echo "link 1" //formated html links goes here, maybe pre-stored links
}
elseif ($_SESSION['groupid']==2)
{
echo "link 2"
echo "link 3"
}
elseif ($_SESSION['groupid']==3)
{
echo "link 3"
echo "link 1"
}
?>
<yourhtml post-links>

Hope this hepled you, don't know if that's what you were actually looking for, but this way you're showing them without having to change pages or anything

Improve this answer
Sign up to request clarification or add additional context in comments.

8 Comments

I would also go 1 step further by checking on every page if the current user may access it. So for example, a check on top of pageforgroup1.php to see of $_SESSION['groupid'] is in fact equal to 1. This will prevent the users from going to pages by simply typing the url.
This is perfect... it's more or less what I wanted to do - just a few tweaks to the structure will make it ideal for my need. Thanks Gonzalo Acosta & @Bjorn Smeets!
The only thing I'm not 100% sure about is how to reference multiple groups to one user? Would I need multiple entries of the same user ID but referencing different groups each time?
Well I didn't think of that. Are you doing that in order to manage several privilages? Or the links have some other use?
You should think about how many groups you're going to have. If they are few you can just add boolean-like fields to your user table, one for each section you want them to view. Else you can manage the privilage storage on your db on a single field, then explode it. Check this out in case you don't know the function php.net/manual/es/function.explode.php
|
0

I don't have enough knowledge in this. If I were you then,

I will create table with links

Table links

 link_id   link
   1       abc.php
   2       cde.php
   3       efg.php

And user_details as 

 user_id username   password 
    1     login1   login_pass
    2     login2   login_pass2

and a table which defines user links as

user_links

  id  user_id  link_id 
   1     1       1
   2     1       2 
   3     2       3

From these tables, using joins I will get user links for login1 user link abc.php and cde.php

Same way you can map all other links.

For checking the user privilege, you can write a function to check selected path is already mapped with logged user ( user id you can store in sessions ).

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.