CODEWITHSUNDEEP
phpmysql
maestro416
maestro416

Reputation: 924

PHP User authentication Logic

I'm trying to understand how I can setup the right logic for what I'm trying to do.

I want to have a site that gives access to specific URLs based on the user type/category. So if User A subscribed to URLs 1,2,3 he should not be able to access 4,5,6 which User B has subscribed to.

I can easily write something that would check to see if a user is logged in before populating a series of links, but I dont want the links to be shared with other users.

I was thinking I might use a mysql query to select from where a user would match a certain group or type and put this query in every page so before loading the content it would check the db to make sure the right user is getting access to it.

What I want to know is 1. Is this the right method to do this? and 2. How would I structure my DB? Should I have it so that each page (or specific type of content) is it's own table and users are entered in to that table upon registration? Or is there another way to structure this that might be better logically and from a performance perspective?

Upvotes: 3

Views: 196

Answers (2)

Gonzalo Acosta
Gonzalo Acosta

Reputation: 135

You're on the right path with user's groups. And to make a select each time user loads the page would give you a poor performance, but here's a solution I used once with something very similar.

First create a table that holds user groups (in case you need to add groups later), then add an index to your users table to reference each user's group.

Then on your login query select the user group's ID along with user and pass, and store it to a $_SESSION var as you would with the other two fields, let's call it $_SESSION['groupid']

Then mix php and html on your page where you want to show the right links. this part will deppend on how many groups you have, if they are few (such as Admin, Moderator, User), this should do it:

<yourhtml pre-links>
<? if($_SESSION['groupid']==1)
{
echo "link 1" //formated html links goes here, maybe pre-stored links
}
elseif ($_SESSION['groupid']==2)
{
echo "link 2"
echo "link 3"
}
elseif ($_SESSION['groupid']==3)
{
echo "link 3"
echo "link 1"
}
?>
<yourhtml post-links>

Hope this hepled you, don't know if that's what you were actually looking for, but this way you're showing them without having to change pages or anything

Upvotes: 2

Shafeeque
Shafeeque

Reputation: 2069

I don't have enough knowledge in this. If I were you then,

I will create table with links

Table links

 link_id   link
   1       abc.php
   2       cde.php
   3       efg.php

And user_details as 

 user_id username   password 
    1     login1   login_pass
    2     login2   login_pass2

and a table which defines user links as

user_links

  id  user_id  link_id 
   1     1       1
   2     1       2 
   3     2       3

From these tables, using joins I will get user links for login1 user link abc.php and cde.php

Same way you can map all other links.

For checking the user privilege, you can write a function to check selected path is already mapped with logged user ( user id you can store in sessions ).

Upvotes: 0

Related Questions