Power 2 Protect PHP Class
Author: Igor Feghali
Email: ifeghali@interveritas.net
[DESCRIPTION]
This class verifies if a user have
access to the current page by requesting a mysql
database record and then take the user to a error
page if the record doesn't match the user's key.
[MySQL TABLE STRUCTURE REQUIRED OR EQUIVALENT]
USERTYPE PERMISSIONS
($table_usertype) ($table_perm)
|---------------| |---------------|---------------|
|usertype(int) | |accesskey(int) |page(char) |
|---------------| |---------------|---------------|
| 2^0 | | x |/dir/page1.php |
| 2^1 | | y |/dir2/page2.php|
| ... | | z |page3.php |
| 2^(n-1) | | w |/dir3/page4.php|
|---------------| |---------------|---------------|
USER
($table_user)
|-------------|-----------|---------|-------------------|
|usercode(int)|login(char)|pwd(char)|usertype(int) |
|-------------|-----------|---------|-------------------|
| 1 | login1 | pwd1 | 2^a |
| 2 | login2 | pwd2 | 2^b |
|-------------|-----------|---------|-------------------|
[[WHERE]]
"n" is the number of records in USERTYPE.
a,b is an integer and 2^a and 2^b must have a
correspondent in USERTYPE.
x,y,z,w is an integer [0,1,2,3,7,...,2^(n-1)] and
is obtained by the sum of the usertypes you want
to grant access.
Note: you must provide the whole path after
your domain's root dir.
Example: for a script located at
www.yourdomain.com/dir1/script.php you should
fill "page" with "/dir1/script.php".
[INSTALL]
Edit file config.inc.php.
Create the tables USERTYPE, PERMISSIONS and USER
(or the names you set on the variables) following
the model under the MySQL table structure topic of
this document. If you want to use the default table
names, you can run the script create_tables.sql
to automatically create them. Make sure you gave
MYSQLUSER access to MYSQLDB.
[SETUP PROTECTION]
Add user types to USERTYPE using powers of 2.
Add to PERMISSIONS the relative path to the
file you want to protect associated to an accesskey
obtained by the sum of the usertypes you wish to
grant access. Include the file protect.php in the
script you have just added to PERMISSIONS.
[EXAMPLES]
For table examples you can check file create_tables.sql.
For an example on how to protect a page you can check
the file admin.php.
|