CodeCharge Studio
search Register Login  

Web Reports

Visually create Web Reports in PHP, ASP, .NET, Java, Perl and ColdFusion.
CodeCharge.com

YesSoftware Forums -> Archive -> GotoCode Archive

 Custom Security

 Print topic Send topic

Author Message
Sebastian
Posted: 10/05/2002, 4:46 AM
Hello

i need a slightly different login checker for my projects and i hope anyone can help me ...

I have the normal Security Check, which works fine, so i have a table (authors)with all the stuff in it what is important for the author (primary key, username, password, secLevel) ...

But now i have some more "modules". so i have created another table called "module" there are a field for the userID (the same as the primary key in table "authors"), and then one field per Modul (one for news, one for termine and so on ...). When in such a field a "1" is entered, the user can use the module, when there is "Null" or "0", he cant use the Module and the page.

Now i need to check not only for the SecurityLevel from table "authors", i need to check also, is it allowed to use Modul News" or "Termine" when i log in to a "News" or "Termine" Page ...

Is there any way to change the checksecurity function in CC 2.05 ?

BTW: is need this for PHP4 and MySQL
Nicole
Posted: 10/07/2002, 7:16 AM
Sebastian,
You should modify CheckSecurity function in order to check the value of the flag of the module page user tries to access.
I suppose that you have created separate pages for separate modules. In this case add second parameter for CheckSecurity() function:
function check_security($security_level, $module)
{
...
}

For each protected page create custom security event where call modified function with two parameters.
Well, the modifications to be made in the function body.
- retrieve the status falg value for the logged in use and for passed module value, e.g.:
$flag = dlookup("module", "flag_field", "userid= ". get_session("UserID")." And module_id=". $module);
in case the $flag value equals to “0” redirect user to any page.
- So the code to add should look like:
//check is the user is logged in
if(session_is_registered("UserID"))
{
$flag = dlookup("module", "flag_field", "userid= ". get_session("UserID")." And module_id=". $module);
if ($flag == 0)
header("Location: AccessDenied.php");
}

   


These are Community Forums for users to exchange information.
If you would like to obtain technical product help please visit http://support.yessoftware.com.

Web Database

Join thousands of Web developers who build Web applications with minimal coding.
CodeCharge.com

Home   |    Search   |    Members   |    Register   |    Login


Powered by UltraApps Forum created with CodeCharge Studio
Copyright © 2003-2004 by UltraApps.com  and YesSoftware, Inc.