Articles
Writers

How to Use Group Information in PHP Applications

Use PHP to Create User and Group Specific Web Sites

© Mark Alexander Bain

Mar 17, 2009
Using Groups with PHP, Mark Alexander Bain
A PHP developer can quickly produce a web site that displays different things to different people - dpending on the group that they belong to.

Different people will always want different things from a web site, and a web site designer will often want to limit what some people can access on their web site whilst allowing other people to see more information. For instance, on the same web site:

  • some users may only be allowed to browse general information
  • some users may be allowed to see confidential information
  • other users may be allowed to update information on the web site

All of this can be achieved by a few lines of PHP code, and this PHP code needs to alter what is displayed on a web page according to the group that a user belongs to.

The Concept of a User Group

It is possible for the PHP programmer to give different levels of authority to different users, for example:

  • Fred may be allowed to view all data
  • Bill may be allowed to view only a subset of the data
  • Jill can add to and update any data
  • Henry can add to and update only a subset of the data

The programmer can, of course, set the authorities according to the user names but that implies that the user names need to hard coded into the application. Instead the programmer can assign the users to a group and then give the group particular authorities:

  • a manager can view all data
  • an engineer can view a subset of the data
  • an administrator can edit data

And it must not be forgotten that each user of the application may belong to more than one group.

Initial Contact

When a user accesses the application it will know nothing about the user or their group. The application's first act must, therefore, be to direct the user to a 'log on' page:

<?php
session_start();
$_SESSION['referer'] = "index.php";
if (! (isset($_SESSION['group']))) {
header ("Location: logon.php");
} else {
header ("Location: projects.php");
}
?>

This page (named index.php in this example) uses a PHP session to store variables and will also direct the user to the final page to be displayed (projects.php) once the group (or groups) is set. However, before that's done the user's group must be identified.

Selecting a User's Group(s)

When called the logon.php file must:

  • obtain a user's groups (if a user name has been entered) and return to the calling page, or
  • allow the user to enter their username

The PHP code to do this is quite simple:

<?php
session_start();
if (isset($_REQUEST['username'])) {
#obtain the user's groups
$_SESSION['group'] = array ('public','engineer','manager','administrator');
#Return to the calling page
header ("Location: " . $_SESSION['referer']);
} else {
#Display an input form
echo "<form>
User Name: <input name=username>
<input type=submit>
</form>";
}
?>

The only real consideration is where the list of groups come from. The most logical solution is to query a database, but for testing purposes a simple switch statement will suffice:

switch ($_REQUEST['username']) {
case "bill":
$_SESSION['group'] = array ('public','engineer');
break;
case "jill":
$_SESSION['group'] = array ('public','engineer','manager','administrator');
break;
default:
$_SESSION['group'] = array ('public');
}

Wherever the groups are obtained from, the next stage is to used the groups to display tht appropriate information on a web page.

A Group Dependent Display

The final PHP file (projects.php) uses the user's group(s) to select the correct information on the screen - in this case urls to the pages to be accessible for each group:

<?php
session_start();
if (! isset($_SESSION['group'])) $_SESSION['group'] = array("public");
#The information to be used by each group:
$tabs = array (
'public' => array ('Home','Newsletter'),
'engineer' => array ('view_jobs','view_diary'),
'manager' => array ('view_targets','view_engineer_tasks'),
'administrator' => array ('edit','new_task')
);
#Display the group's information
echo "<table><tr>";
foreach ($_SESSION['group'] as $group) {
foreach ($tabs[$group] as $module) {
echo "<td><a href=module/" . $module . ">" . $module . "</a></td>";
}
}
echo "</tr></table>";
?>

In this way the information accessible on the web site will depend on the group or groups that a user belongs to.


The copyright of the article How to Use Group Information in PHP Applications in PHP Programming is owned by Mark Alexander Bain. Permission to republish How to Use Group Information in PHP Applications in print or online must be granted by the author in writing.


Using Groups with PHP, Mark Alexander Bain
Choosing the Correct PHP Web Page, Mark Alexander Bain
The PHP Log in and Project Pages, Mark Alexander Bain
A User Accessing the PHP Web Site, Mark Alexander Bain
A User iwth Full Access, Mark Alexander Bain


Post this Article to facebook Add this Article to del.icio.us! Digg this Article furl this Article Add this Article to Reddit Add this Article to Technorati Add this Article to Newsvine Add this Article to Windows Live Add this Article to Yahoo Add this Article to StumbleUpon Add this Article to BlinkLists Add this Article to Spurl Add this Article to Google Add this Article to Ask Add this Article to Squidoo




about us Limelight Blog freelance writing jobs careers press room Site Map Terms & Conditions Privacy Policy