Session stuff

[Jesdisciple]

I'm horrible at commenting my code, plus I don't know what other code I could introduce without actually setting up a database.Let's assume that I'm a sub-admin on your site; that would make my level 3 (and yours is 4). Our user IDs obviously don't match, so if I visit your profile...

if(false || 3 > 4)	//The current user can edit this profile.

But if you visit mine...

if(false || 4 > 3)	//The current user can edit this profile.

[unknown gamer]

Hm, i think i'll just continue my way, i feel really stupid and don't really think i should keep repeating this...

[jlhaslip]

I'm coming in here late, I know, but see this link.Notice when you first arrive at the site, the list of links is small and limited to those that are available to all visitors.Using the email address = member@member.member, pass=member, log-in to the site and the links list will change to include all the links that a member would have access to.Now use the log-out link and sign-in using email address = mod@mod.mod, pass = mod to see a different list of links. A member assigned to the Mod level sees a different list of links. Admins see another one. (sorry )Please note that this is merely a sample, (demo), site, so not all the links work. It is merely a 'test' site for a Log-in script that uses 'levels' and 'privileges' similar to what you are asking about.See also this link for a permissions tutorial of sorts.If the Demo works for you, I would be happy to make available the code so that you could learn from it. The site is not (yet) complete, (php is merely a spare time hobby) but it could be used to demonstrate some of the techniques you are asking about.

[unknown gamer]

Wait, so the link: http://www.trap17.com/index.php/user-permi...php_t56187.html is the same code you used for your website?also that's basically what i'm looking for.

[jlhaslip]

grab the code, study it, and use what you want.

[unknown gamer]

That code confuses me a lot. Do you think you can send me some of the code from the demo login thing?

[jlhaslip]

Here is Demonstration of the Code in action: http://www.jlhaslip.trap17.com/project/index.phpLog-in with eMail Address : guest@guest.guest pass: guest to see the Login of a registered guest.Log-in with eMail Address : member@member.member pass: member to see the Login of a Member.Log-in with eMail Address : mod@mod.mod pass: mod to see the Login of a Moderator.Admin Users see a different set of links still.All of this is done without using the actual permissions scripting found above, simply the use of Sessions and a User Level in the member's Database record. If this is what you want/need, I can walk you through the scripting, but because this is a "learning" experience, and the code is fairly complex for a beginner since there is a bunch of scripting methods in it that don't actually concern the issue here, I will not merely make the scripting available. Not that I am being protective or greedy about it, but the purpose is to get you to learn PHP and being able to develop the script yourself. Trust me, if you merely cut and paste the code, you will not be able to manage it properly, so get your learning cap on and let me know if you are prepared to actually develop your own script. I will assist you all the way with it.

[unknown gamer]

That'd be awesome if you could.

[jlhaslip]

Okay.Start by reading and installing the Script by justsomeguy found here: http://w3schools.invisionzone.com/index.ph...ost&p=96608

[unknown gamer]

Reply, Ok. I installed it but when i try to register it doesn't send the information to the database.Yes I have the full thing of register.php and I have all the information in db.php correct, I went to it and it didn't return an error and I put in the db code properly, the code says its sending it to the database but it doesn't...

[jlhaslip]

try this link: http://jlhaslip.com/jsg/Seems to work fine. Check to make sure you have the last version of the Register.php script from that Tutorial. The first one gets altered later on in the process.If it continues to fail, post your register.php script here.

[shadowayex]

Alright, I'm not sure how you're doing on this right now, but here's what I would do:Let's say my table looked something like this:

| Username | Password | Level | Other Crap.... |//rows

The user would log in, and if it were successful I would have $_SESSION['level'] set as so:

$row = mysql_query("SELECT * FROM (user table) WHERE Username = (however you stored the username)");$row = mysql_fetch_array($row); //I like to reuse variables$_SESSION['level'] = $row['Level'];

That way, $_SESSION['level'] can always be checked for the users level.The rest of the code would basically be built based off of what the level system is. Let's say I have it set up like so:1 - Admin2 - Sub-Admin3 - Mod4 - UserFor this example I'm going to let userA try to edit userB. So I would start by getting userB's level:

$row = mysql_query("SELECT * FROM (user table) WHERE Username = 'userB'");$row = mysql_fetch_array($row);$userBlevel = $row['Level'];

Then we check if userA is allowed to by seeing if it's level number is higher than userB's.

if($_SESSION['Level'] > $userBlevel){	//edit script}

Does that help at all?