Copy link to clipboard
Copied
I've created a CMS website using a content table and I'm calling the new pages using the content table and echo $row_pageRS["fieldName"] calls residing in div tags. Navigation is called in standard.php page using link names stored in a field with the standard.php?recordID=$row_navRS["id"] as a link in my href to control navigation. This is typical master detail page workflow. The navRS is just a Record Set created from the content table that calls the link name and the ID. All is well with the website. Everything works perfectly.
Now I want to add some protected pages. There is a field in the content table called access.
I've also created a page called protected.php and I can add restricted access to that page using the normal PHP code. Inside the code you'll get this field when you add user name and password + access levels. Let's say that my access levels are 5 and 10.
if (!isset($_SESSION)) {
session_start();
}
$MM_authorizedUsers = "10,5";
$MM_donotCheckaccess = "false"
This also works perfectly but I need a bunch of protected pages with different access levels.
Instead of creating a new protected page for every level of access I'd like to call the access levels from the access field in the pageRS (current page Record Set) with code looks something like this:
if (!isset($_SESSION)) {
session_start();
}
$MM_authorizedUsers = $row_pageRS["access"];
$MM_donotCheckaccess = "false";
This would pull the access levels for the page from the access field in the database and greatly simplify my automatically generated navigation system. I can't seem to find a way to make this call and have it work. I've tried declairing a variable, putting the call for the page record set before the page protection.
Any ideas about how to do this? Would addin an if else argument at the head help?
Thanks.
Copy link to clipboard
Copied
If the access levels function correctly when assigning the variable to a hardcoded string, it should also work when assigning from a recordset value. Have you echoed the value of $row_pageRS["access"] to see if it is as expected? Is the datatype of "access" a character or a numeric type?
Copy link to clipboard
Copied
Finally got it working. You have to put the restrict access code at the end of the PHP code at the head of the page. Once that happens reading the user access from the recordset value.
Now I'd like to add and statements. User access seems to be working on or statements.
For Example:
if (!isset($_SESSION)) {
session_start();
}
$MM_authorizedUsers = "10,5, 3, userGroup1";
$MM_donotCheckaccess = "false"
means any user with an access level record of 10, or 5, or 3, or userGroup1 will be granted access to the page. What I'd like to to is have the access come from two fields in the user data. Kind of a category and class thing so that a user that had 5 and userGroup1 in their fields would be granted access but a user with only 5 or only userGroup1 would not be given access.
Any pointers would be appreciated.
Copy link to clipboard
Copied
Then obviously you will need to modify the generated DW code where the evaluation takes place. You would need to post that if you want further assistance.