Ok I think I found an easier way to perform it.
I just made few tables (users, roles, permissions and role_perm that connects the two). Then I made a php file (included right after the db-settings.php file) that retrieves all permissions of the logged users and saves them inside an array (taking userId from $_SESSION[]
) and with a function hasPermission($Permission) {
that checks the given permission in the array and returns true or false. This way each time I need to check for a specific permission I call it like
if(hasPermission("write-news")) {
// let him write it
} else {
// "you do not have permission, bye bye"
}
Maybe this isn't the proper way to set up a role based permission system or w/e it is, but It's simple and works for what I need it to. Unfortunately I really don't have time to spend learning how better systems works. If you have some suggestions about it, I'd be interested to read it.