Reputation: 8268
How to identify user access privileges using PHP and MySQL?
I have developed a login page using PHP which is used by teachers and students for log-in. After login , I can create a session variable to keep him/her logged in until he logs out.
$_SESSION['id']=12;
Now when they log-in for the first time I want them to enter extra information , by providing them with different forms depending on whether he is teacher or student.
Now my question is how will I identify the type of user during his session? What changes do I need to make in Session variable or what extra information do I need to store? (I already have created the database with default passwords for all teachers and students and now need to enter extra information from them as I described).
Upvotes: 0
Views: 2438
Answers (4)
Reputation: 1384
Let's make this easy, i rather change my database, add one more column named "access" or "privilege", 1 for the teachers and 2 for the student, you can filter the status, that define which menu should showed up.
Upvotes: 0
Reputation: 1026
If you can retrieve the user's information on the fly from the database, the best thing to do (if there are only two roles and not extensive permissions) is add a role field to your users table.
Make it a boolean, so that 0 = student, and 1 = teacher.
You would then check for this using an if() statement to decide which form to display, e.g.
if($user_data['role'] == 0){
// Display student form
} elseif($user_data['role'] == 1) {
// Display teacher form
}
You could store this in a $_SESSION['role'] variable if you don't want to have to get this from the database every time you reload the page.
Upvotes: 2
Reputation: 51
If you need to save the infomations:username,password,teacher or student as flag in session,you can do flow,after log in,you save $_SESSION['username'], $_SESSION['password'], $_SESSION['flag'],then,the sessions will be as string,and saved in session file.
Upvotes: 0
Reputation: 39389
There are numerous ways to achieve this. If you’re storing the user ID in the session, then you can look up the user’s details and permissions based on their ID. So if you have a user_type column in the database table where you store whether the user is a teacher, student, goblin or whatever, then you can check the value of this in your PHP script.
Upvotes: 0
Related Questions
- How to check if user has a role that allows to access the site?
- authorization - how to check for user permissions in web app?
- Checking if user is admin or not in PHP
- checking user role and restriction for user
- Validate user's rights
- manage user permissions in php
- Query MySQL for permissions in PHP
- Retrieve the database rights from php?
- PHP account privilege , session or mysql check
- Method for storing a user's website privileges and querying in mySQL?