develop membership system to include different rolls

StackOverflow https://stackoverflow.com/questions/20939323

Question

I have a basic membership system set up using MySQL database with 3 tables, user_id, user_name and user_password. my php code bellow is simple as I am new to php and will develop it further as my knowledge progresses. I am trying to create different rolls at the moment, member, admin and global admin. I am a bit lost on how to progress on from what I have so far. any advice or suggestions will be very much appreciated.

my basic membership code

    <?php
session_start();

$errorMessage = '';
if (!empty($_POST['user_name']) && !empty($_POST['user_password'])){
    include 'library/connect.php';

    $user_name = $_POST['user_name'];
    $user_password = $_POST['user_password'];

    $sql = "SELECT user_id FROM Login WHERE user_name = '$user_name' AND user_password = '$user_password'";

    $result = mysql_query($sql) or die('Query failed. ' . mysql_error());
    $row = mysql_fetch_array($result);

    if (mysql_num_rows($result) == 1) {
    $_SESSION['user_logged_in'] = true;
    $_SESSION['id'] = "$row[user_id]";
    header("Location: user/user.php");
    }
        else {
            $errorMessage = 'Sorry, wrong username / password';
            }
                include 'library/close.php';
}
?>
<html>
<head>
</head>
<body>
<?php
if ($errorMessage != '') {
?>
<p align="center"><strong><font color="998000"><?php echo $errorMessage; ?></font></strong></p>
<?php
}
?>

<form action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>" method="post" name="formLogin" id="formLogin">
<table width="400" border="1" align="center" cellpadding="2" cellspacing="2">
<tr>
    <td width="150">User name</td>
    <td><input name="user_name" type="text" id="user_name"></td>
</tr>
<tr>
    <td width="150">Password</td>
    <td><input name="user_password" type="password" id="user_password"></td>
</tr>
<tr>
    <td width="150"></td>
    <td><input name="btnLogin" type="submit" id="btnLogin" value="Login"></td>
</tr>
</table>
</form>
</body>
</html>

Summery I have a basic membership system built and i wish to expand it to include Rolls for two level security admin and global admin.

Was it helpful?

Solution

Well, you can easily add a field in your table, for example 

level

and add a value, for example 1 (basic user) 2 (admin) 3 (global admin).

When there is an operation which can be done, for example, only by an admin, you just check it like this: 

if ($user_level >= 2) {

echo 'You can do this...';

}
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top