How to create usergroups in PHP?

Question

I am building an entire system using PHP and MySQL.

I want to create usergroups.

For example I want ADMIN1 to be able to ADD USER, and REMOVE USER

BUT

I want ADMIN2 to be able to ADD USER only

What is the standard way to do this?

Thanks.

Answer 1

You could use a simple login system and use sessions to allow access to certain pages e.g.

session_start();
if (!(isset($_SESSION['login']) && $_SESSION['login'] != '')) {
header ("Location: login.php");
}

This example just stops the user from accessing any other pages without first logging in. The login page would change the session like so:

        if (!empty ($username) && !empty ($password)){
        $sql = mysql_query ("SELECT * FROM users WHERE username='".$username."' AND password ='".$password."' LIMIT 1");
        if (mysql_num_rows ($sql) > 0){
            $_SESSION['login']=1;
            $_SESSION['username']=$username;
            header ("Location: index.php");
        }

That's just a basic example but hopefully you can see what can be done using a user's table and sessions :)

Answer 2

You can use system used in drupal ("table_name"):

"users" [uid, name]

"users_roles" [uid, rid]

"role" [rid, name]

"permission" [pid, rid, name]

Answer 3

I create roles for this, for example ADMIN1, ADMIN2 or whatever descriptive names suits best. Each user is then assigned a Role, and for pages or functions with limited access I check if the logged on user is part of the required role.

Answer 4

There aren't usergroups in mysql. You'll need to use the grant syntax: https://dev.mysql.com/doc/refman/5.5/en/grant.html

Answer 5

Are you looking for something like this?

Create user ‘admin1’ identified by ‘YOUR_PASSWORD’;
Revoke all on * from ‘admin1’;
Grant insert, delete, update, select on YOUR_TABLE to ‘admin1’;

Create user ‘admin2’ identified by ‘YOUR_PASSWORD’;
Revoke all on * from ‘admin2’;
Grant insert on YOUR_TABLE to ‘admin2’;