⊗ppPmAuRg 432 of 447 menu

Access Rights in PHP

Most often, a website has not one but several types of users, and they all have different rights. For example, you might have regular users and admins. Admins will have more rights than regular users.

How this is implemented: let's create another field in the users table, let's call it status and for each user we will store their status: let's say for administrators the word 'admin', and for regular users - the word 'user'.

Now, when authorizing a user, into $_SESSION['status'] we will write the user's status from the database:

<?php if (password_verify($_POST['password'], $hash)) { $_SESSION['auth'] = true; $_SESSION['id'] = $user['id']; $_SESSION['status'] = $user['status']; // writing the status } ?>

Now let's say we have some page on the site that only admins have access to. Let's make it so that only admins can see the content of this page:

<?php if (!empty($_SESSION['auth']) and $_SESSION['status'] === 'admin') { // show the page content only to admins } ?>
English
AfrikaansAzərbaycanБългарскиবাংলাБеларускаяČeštinaDanskDeutschΕλληνικάEspañolEestiSuomiFrançaisहिन्दीMagyarՀայերենIndonesiaItaliano日本語ქართულიҚазақ한국어КыргызчаLietuviųLatviešuМакедонскиMelayuမြန်မာNederlandsNorskPolskiPortuguêsRomânăРусскийසිංහලSlovenčinaSlovenščinaShqipСрпскиSrpskiSvenskaKiswahiliТоҷикӣไทยTürkmenTürkçeЎзбекOʻzbekTiếng Việt
We use cookies for website operation, analytics, and personalization. Data processing is carried out in accordance with the Privacy Policy.
accept all customize decline