Login Script With Different Access Levels

I would like to create a log in script with different user access levels: System admin, manager and staff. I currently have a log in script in place, but this does not facilitate the different user access levels.


Two Levels Of Access Login Script

I have a fairly simple login in script and I need to make it have two
levels of access not one. can anyone help me with this? The script is

// we must never forget to start the session
$errorMessage = ''
if (isset($_POST['txtUserId']) && isset($_POST['txtPassword'])) {
include 'config.php'
include 'opendb.php'
$userId = $_POST['txtUserId'];
$password = $_POST['txtPassword'];
// check if the user id and password combination exist in database
$sql = "SELECT user_id
FROM auth_user
WHERE user_id = '$userId'
AND user_password = '$password'";
$result = mysql_query($sql)
or die('Query failed. ' . mysql_error());
if (mysql_num_rows($result) == 1) {
// the user id and password match,
// set the session
$_SESSION['db_is_logged_in'] = true;
// after login we move to the main page
header('Location: list_pages.php');
} else {
$errorMessage = 'Sorry, wrong user id / password'
include 'closedb.php'
<meta http-equiv="Content-Type" content="text/html;
if ($errorMessage != '') {
<p align="center"><strong><font color="#990000"><?php echo
$errorMessage; ?></
<form method="post" name="frmLogin" id="frmLogin" class="box">
<table width="400" border="1" align="center" cellpadding="2"
<td colspan="2"><b>Login</b></td>
<td width="150">User Id</td>
<td><input name="txtUserId" type="text" id="txtUserId" class="box"></
<td width="150">Password</td>
<td><input name="txtPassword" type="password" id="txtPassword"
<td width="150">&nbsp;</td>
<td><input type="submit" name="btnLogin" value="Login" class="box"></

View 1 Replies View Related

Login Script With Two Levels Of Access

I have two hard coded user ids and passwords with an additional field
called level. for the sake of
this explanation lets call them.
user_id - abc password - 123 level - 1
user-id - xyz password - 456 level - 2

I have two separate admin pages called list_pages.php and

I need a login to allow people that sign in with login "abc" to be
able to access "list_pages.php" and people that login in with "xyz"
to be able to access "list_pages1.php"

View 4 Replies View Related

Control Different Access Levels

I plan to use two tables (i.e. guest and employee) to control which page is available to which user. The guess can sign up for an account while the employee cannot. The account of an employee can only be assigned by a system administrator. Here is the question I just found: Assume UserA is a employee and has 'login001' as user name and 'password' as password. Now, a guess comes to the website and applies for a user name with 'login001' and 'password' as password.

Then the userB can access some internal websites b/c he/she chose the same username/password as one of the employee does. Here is my fix to this problem: Method one: Whenever a user name is applied (not matter guess or employee), the both table guess and employee should be checked to make sure there is no duplicate.

Method two: Combine guess and employee tables together as person table. However, for guess, the user_type can be assigned as GUEST and for employee, the user_type can be assigned as EMPLOYEE. I don't know whether above methods make sense or not. If neither or them are good solutions, please give me some direction so that I can adopt some best practice. I am NOT using any framework or OOP to implement my PHP script.

View 2 Replies View Related

Php Admin CP With Various Access Levels

I'm the owner of a website that is dedicated to an online gaming community. The site is html, and it relies a lot on me to update things. I would like to give access to people without having them know html or give them ftp access.

So I'm creating an Admin Control Panel php page, and converting several of the site webpages to php. The Admin CP is just one giant Form, and outputs from this form go on the various pages. Code:

View 14 Replies View Related

Handling User Access Levels

I'm writing a website backend that will support several users, and every user will have a certain flag for whatever they have access to. I'm trying to come up with a good way to maintain this information.

I was thinking about storing the answer as an integer and then to check flags, I would convert the integer to binary and compare that to a key. For example if my key is

A=1, B=2, C=3, D=4

1011 would mean the user has access to A,B, and D. (read right to left)

Which when stored, would be 11. This seems fine but my variable would have to be a rather large one. (I'm storing the data in a MySQL database) After the number of flags hit a certain size, I'd cap out. I'm guessing around 40 (maybe my math is just off)

Anyone have any ideas one what the best way to handle this problem could be?

View 4 Replies View Related

PEAR Auth Access Levels

I've been experimenting with PEAR Auth package and I've managed to successfully set it up. I've searched on here and in various places to see if it is possible to setup different access levels for different users. Does anyone know of a way to do this?

Is it as simple as getting the auth class to return all the values from my user table with different access levels set in the table itself or would a better solution be to create another instance of Auth (although I don't want 2 seperate logon forms) to create a seperate higher level access session.

View 1 Replies View Related

Set Different Levels Of Access With The Use Of Session Function?

I'm trying set different levels of access with the use of session function!

Section A - Form for Admin to Log in
If Username and Password not entered.

View 5 Replies View Related

Authentication With Pear Auth() And Access Levels?

Looking on the web to find a good tutorial for implementing an auth system with Pear Auth(). I need to use different user permission, storing access level in a db field. On the official docs can't find anything about permission level.

View 1 Replies View Related

Access Deeper Levels Of A Json Tree Using Curl?

I'm trying to learn how to use CURL and Json to access data sent from the Facebook graph api. I'm using the following function which pulls the post data:

function loadFB($fbID){
$c = curl_init($url);


Example JSOn data looks like this:

"data": [
"id": "xxxx",
"from": {


As it stands, I can retrieve the message of a page update, or if its an event I can retrieve the event name and the link for the event. But what if I want to retrieve say the event date or the venue name? Its under another tier of 'properties'. With my code so far, I can access the first level of things with $post->message, but when I try $post->properties->text this doesn't work - so I don't understand how this works. On top of that, in the 'properties', there's 2 'text' which is adding to my confusion of how to access these things.

View 2 Replies View Related

Wordpress - Make Function Recursive / Work For Any Number Of Levels, At The Moment It Is Written To Work For 3 Levels?

I have written a function for a multilevel wordpress menu, but I'd like it to work for any number of levels, at the moment it is written to work for 3 levels.

//only gets the top level items
$top_level_pages = get_pages('parent=0&sort_column=menu_order&exclude=129,2,13');
foreach($top_level_pages as $page){
$p_id = $page->ID;

View 2 Replies View Related

Php Ms Access Login

I am doing a website where i need the admin to login. I have produced a username/password form which gets sent to my login.php page, the code of which i will show below. Unfortunatly it isnt working and it just keeps saying "login error as (username)".

Login.php code ....

View 1 Replies View Related

PHP & MS Access Login

I have login information stored in an access database.  I have a form where they enter information to put into the database.  Each time they enter in new information it puts a new record with their information along with their ID's.  Now my question is, if I have a login page where they put in their id, how can i get that information to stay, like a session id or something? What can i use? Sessions or cookies? I'm lost here ha go figure.

Basically i guess just keeping their id to the next page where they enter in additional information so that the id goes into the same record as the additional information if that makes any sense?

View 4 Replies View Related

Machine Restricted Login Access?

I am working on a project that has a requirement such that login details can only be accessed from one machine at one time. For example, if I grant you access to my website and you login from your home machine, the system will store this settings in a cookie/database. Now if you try the same login details on your work machine or any other machine, the system will not let you log into the system. The login will now only work from home machine.

View 3 Replies View Related

Login To Different Pages Based On Access?

I am a graphic designer who has been given the task of creating our website (already up). I need to create a login page for our top clients that will direct them to their own pages. I am using Dreamweaver and have a MySql database on the host. example:

user: joe
PW: xxxx
company: xyz
Direct to xyz page
user: sue
PW: xxxx
company: abc
Direct to abc page

I've looked but haven't found anything that is directly related to this.

View 1 Replies View Related

Login Page According To The Access Rights?

In my web site I want to load some menus without login and there is a admin login. When admin logged in I want to some more menus. This is my code. But it is not working. It display all menus every time.

$page = $_GET['page'];  
if ($page);
$page = "index.php";     


View 4 Replies View Related

Looking For A User Login / File Access Script?

I've been asked by a client in construction to build a customer login section where each customer will have access to their own set of pdfs (certificates, job specs etc) when they login.

Accounts will be created manually so no real need for a front end registration.

Does anybody know of a script that can handle this?

View 4 Replies View Related

Make Comment System With Login Access?

make comment system with login access. I download comment script from internet but all script without login and anyone can comment without login.But i need only login user can comment. i download script from here commentics.org for comments.

View 3 Replies View Related

Restrict User Access Based On The Login?

I'm creating a program in PHP/MySQL, for which I need to restrict user access based on the login. How can I restrict access based on login? I know you can do with creating different folders on windows server and assigning different a user rights, then put relevant pages into that folder.

Is there any other way you can do that purely using PHP/MySQL that is quite robust enough? How can you decide which user gets access to which page?

View 1 Replies View Related

Login - Allow Access To .htaccess Protected Directory?

I am trying to password protect a section of a web site. I have the login script written and it works fine, as do all of the document level restrictions. I want to be able to also restrict access to various image directories using .htaccess, which is also setup and working. My problem is I want my logged in users to be able to access these directories without having to enter another password. Is there a way to pass the username/password to .htaccess with PHP avoiding the .htaccess popup? I have trawled google for hours and was hoping someone here might have a thought or two.

View 8 Replies View Related

User Login And Preventing Access To Non-html Files

I built a user login for my site with php and it works great. The problem is that I want to put some .doc and .pdf files up on the web that only a logged in user can access and I don't want the user to have to enter another username/password I want to use the current system I've got now (which is just checking cookies and a database to see if you're logged in at the beginning of restricted pages). This doesn't have to be done with php but somehow I want to base whether or not you can view the files based on whether you're already logged in.

View 1 Replies View Related

Is It Possible With Sessions For A User To Login And Retreive/access The Same Information.

Just wanted to ask a question regarding sessions. I have a system where users can create projects and these are shown in a table that accesses the relevant data from the database.

Is it possible with sessions for a user to login and retreive/access the same information that he may have added in a previous session (e.g. projects created by that user in previous sessions)? If so, how is this done?

View 1 Replies View Related

Session - Forbid Access To Files In A Login System?

I wrote this VERY simple PHP login system:

$error = '';[code]....

This protects the .php sessions just fine.The problem is that this doesn´t protect the files.I mean if go directly to:


it will download it wether you have loged in or not.I notice this must be a complete newbie question but, WTH, you have to start somewhere...

View 5 Replies View Related

Login To Check Two Date Fields To Grant Access To Certain Pages

I am making a pay-for-use site that I am having trouble with the login. I have made a few sites before with login pages using Dreamweaver, but this one requires a bit of PHP code. Apparently that is a weak point since I have only read a few books on PHP.

The site will have access for 6 or 12 months. I have a MySQL DB that captures the name, address, etc. It also captures two DATE fields. One for the registration date, reg_date. The other DATE field is for expiration date, expiry_date. For example, if a user registers for 12 months on March 1, the reg_date field is populated with 2007-03-01 and the expiry_date is filled with 2008-03-01.

I would like the login to check these two date fields to grant access to certain pages. I think a little math should do the trick, but am not sure how to do it. BTW- if there is a better way, I am willing to scrap this method and try something else. I have a small test page produced in DW that I can attach the code here if needed. It uses the DW behaviors to allow access based on a privilege level.

View 4 Replies View Related

Can't Access Secured Pages After Login On Symfony Functionnal Test

I currently trying to test a symfony app that has secured pages, using functional tests. Log in as a user that is a superadmin (thus bypassing any credential check) Browse to a secured page (here displaying a list of documents) Make some various tests to check various requirements.

When I browse the secured page, instead of a 200 HTTP code, I get a 401 "Unauthorized" HTTP code, meaning I'm trying to access a page without being authenticated/without having the right credentials. Even if I log as a normal user, that have the proper symfony credentials, I still get a 401 error.

Code used

class CapWebndfTestFunctionnal extends sfTestFunctional
* Login as a user
* @param string $username User's username........

View 1 Replies View Related

Create A Login Page For Access To 1 Table (data) In Database?

i want to create a login page for access to 1 table (data) in my database (app1) consisting of about 10 fields. I will be giving the user the password and creating a password for them, but I need them to be able to enter it along with their username for access to a table. Once they have access, I them to be able to
1) view the table in the database) perform a query on an id field (eg. to be able to search the table for records with the matching id)

View 5 Replies View Related

Simple Login Based Authentication/prevent Access To Unauthorized Users?

I am just starting to learn PHP and work on a personal project. My goal is to offer a Login page for a business owner to log into their website and then add/remove content in a certain section as needed (classified information, part information, used equipment, etc.)I have a login script working successfully, but am trying to get pointed down the correct path where to start looking at the authenticated sessions and cookies to restrict unauthorized access. The page now loads to index.php which then redirects to parts.php once the user has been authenticated. I need to make sure that any user cannot browse to parts.php and gain access.

View 3 Replies View Related

Store The User's Data After Login For Fast Access During The Session, After Retrieving From Database?

I am developing a social network from scratch and need to store the user's frequently required data like his friendlist, groups, news-feed post Ids, so that it can be accessed fast after each refresh rather than querying the database each time it is asked. What would be a better way to store this data? The application is expected to bear heavy traffic.

I was thinking of storing this data in php objects after the user login. I am using PHP OOPs model to interact with the database thus my data is retrieved though objects & retrieved data is stored in objects after query from database. So, Instead of destroying the object assoon as its value has been passed once, I would retain the required objects uptil the user is logged in.Is this the correct way?

View 2 Replies View Related

Array Levels

I have to insert a string in an array at a particular level, creating
it if it doesn't exists.


$levels=array(a,b,c) ***number of variables does vary

what I'd like to get:


The final array is being filled in a foreach loop therefore $levels
and $name change at every loop.

View 2 Replies View Related

Error Levels

My system admin turned down all the error levels so that the warnings would
not go to the user. Now I find that in dubugging, I don't get messages as
to what is wrong. I tried error_reporting(20p47); . but it diidn't do
anything. How can I get the messages as to where my coding errors are
without going back to the admin guy?

View 2 Replies View Related

Authenticating: Levels, Etc..

i've already have levels of security (sessions and login verification based on DB)

but is there a risk involved with using includes ? let's say i have an if else statements to control who gets permission to do what, and it's based on including the editing files in stead of coding everything on one page.

View 1 Replies View Related

Copyrights 2005-15 www.BigResource.com, All rights reserved