PHP Classes

Power 2 Protect: Restrict user access to pages based on permissions

Recommend this page to a friend!
     
  Info   View files Files   Install with Composer Install with Composer   Download Download   Reputation   Support forum   Blog    
Ratings Unique User Downloads Download Rankings
StarStarStar 58%Total: 3,575 All time: 934 This week: 73Up
Version License Categories
power2 1.0.0GNU General Publi...Databases, User Management
Description 

Author

This package is meant to restrict the access of users to the Web pages of a site according to a definition of user role based permissions stored in a database.

The users are authenticated in login form when they try to access a protected page.

If a user attempts to access a page to which he as no permission, the browser is redirected to access an error page.

Each protected protected Web page has an entry in the database that establishes an association with an integer key value that defines the roles of users that are authorized to access the page.

The access key value defines a bit mask. Each bit is associated to user role. A bit in the access key mask set to 1 determines that the users with that role have access to the page.

Picture of Igor Feghali
Name: Igor Feghali <contact>
Classes: 2 packages by
Country: Brazil Brazil
Age: 40
All time rank: 32327 in Brazil Brazil
Week rank: 180 Up12 in Brazil Brazil Up

Details

Power 2 Protect PHP Class Author: Igor Feghali Email: ifeghali@interveritas.net [DESCRIPTION] This class verifies if a user have access to the current page by requesting a mysql database record and then take the user to a error page if the record doesn't match the user's key. [MySQL TABLE STRUCTURE REQUIRED OR EQUIVALENT] USERTYPE PERMISSIONS ($table_usertype) ($table_perm) |---------------| |---------------|---------------| |usertype(int) | |accesskey(int) |page(char) | |---------------| |---------------|---------------| | 2^0 | | x |/dir/page1.php | | 2^1 | | y |/dir2/page2.php| | ... | | z |page3.php | | 2^(n-1) | | w |/dir3/page4.php| |---------------| |---------------|---------------| USER ($table_user) |-------------|-----------|---------|-------------------| |usercode(int)|login(char)|pwd(char)|usertype(int) | |-------------|-----------|---------|-------------------| | 1 | login1 | pwd1 | 2^a | | 2 | login2 | pwd2 | 2^b | |-------------|-----------|---------|-------------------| [[WHERE]] "n" is the number of records in USERTYPE. a,b is an integer and 2^a and 2^b must have a correspondent in USERTYPE. x,y,z,w is an integer [0,1,2,3,7,...,2^(n-1)] and is obtained by the sum of the usertypes you want to grant access. Note: you must provide the whole path after your domain's root dir. Example: for a script located at www.yourdomain.com/dir1/script.php you should fill "page" with "/dir1/script.php". [INSTALL] Edit file config.inc.php. Create the tables USERTYPE, PERMISSIONS and USER (or the names you set on the variables) following the model under the MySQL table structure topic of this document. If you want to use the default table names, you can run the script create_tables.sql to automatically create them. Make sure you gave MYSQLUSER access to MYSQLDB. [SETUP PROTECTION] Add user types to USERTYPE using powers of 2. Add to PERMISSIONS the relative path to the file you want to protect associated to an accesskey obtained by the sum of the usertypes you wish to grant access. Include the file protect.php in the script you have just added to PERMISSIONS. [EXAMPLES] For table examples you can check file create_tables.sql. For an example on how to protect a page you can check the file admin.php.

  Files folder image Files (10)  
File Role Description
Accessible without login Plain text file admin.php Example Protected Example Page
Accessible without login Plain text file config.inc.php Conf. Config File
Accessible without login Plain text file create_tables.sql Data Mysql Example Database
Accessible without login Plain text file error_access.php Example Access Denied Page
Accessible without login Plain text file index.php Appl. Login Form Page
Accessible without login Plain text file logout.php Example Logout script
Accessible without login Plain text file permissions.class.php Class Power 2 Protect Class
Accessible without login Plain text file protect.php Aux. Protection script
Accessible without login Plain text file README Doc. README
Accessible without login Plain text file verify_login.php Appl. Validates information submitted from login form

The PHP Classes site has supported package installation using the Composer tool since 2013, as you may verify by reading this instructions page.
Install with Composer Install with Composer
 Version Control Unique User Downloads Download Rankings  
 0%
Total:3,575
This week:0
All time:934
This week:73Up
 User Ratings  
 
 All time
Utility:80%StarStarStarStarStar
Consistency:70%StarStarStarStar
Documentation:60%StarStarStarStar
Examples:55%StarStarStar
Tests:-
Videos:-
Overall:58%StarStarStar
Rank:1409