
Displaying same page differently for users with different roles

I wanted some suggestions from someone with experience in PHP.

I am making a website in PHP which will have 4 kinds of users: 1. guest (unregistered), 2. registered, 3. registered with special privileges, 4. admins

So the same page will be visible differently to all four of them.

Right now I am doing that by using if conditions. In every page, I am checking the role of the user and then using many if statements to display the page accordingly.

It makes the code very big and untidy and I have to check conditions again and again in all the pages.

  1. Is there a better way to do this?

  2. How is this done in big professional websites?

  3. Extended question: What is the most optimal way to do the same using an MVC framework like Kohana 3.1? Does it have anything to do with ACL?

Paras Narang asked Jun 28 '11 21:06


1 Answer

It really depends on what you need.

For example, if the page has big parts that change completely, what I would suggest is to create different templates and include them depending on their "permissions":

 $permission = $_SESSION['type_user'];
 include '/path/to/file/with/permission/'.$permission.'/tpl.html';

and have something in the page similar to:

<?php
//inside include.php you have the line similar to
//$permission = isset($_SESSION['type_user']) && $_SESSION['type_user']!=''?$_SESSION['type_user']:'common';
require_once '/mast/config/include.php';
include '/path/to/file/with/permission/common/header.html';
include '/path/to/file/with/permission/'.$permission.'/tpl_1.html';
include '/path/to/file/with/permission/common/tpl_2.html';
include '/path/to/file/with/permission/'.$permission.'/tpl_3.html';
include '/path/to/file/with/permission/common/footer.html';
?>

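If the script is full of small parts like "show this text" or "show this button", you can create a function that will check the permissions for you:

<?php
// Central permission check: returns true when the current user may
// perform $action on $what.
function can_user($action, $what){
   switch($action){
      case 'write':
          // placeholder: your current "if" condition for writing $what
          return $your_current_if_on_what;
      case 'read':
      default:
          // placeholder: your current "if" condition for reading $what
          return $your_current_if_on_what;
   }
}
?>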

and the template will look like:

[my html]
<?=can_user('read','button')?'My Button':''?>
[my html]

As a rule of thumb, if a piece of code is used more than 2 times, it needs to be put in a function/file separately, so if you have many "IFS" you need to create a function.

Fabrizio answered Oct 06 '22 17:10
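An added example, not part of the answer above: it combines the two ideas (per-role templates and a central can_user check) with the role validated against an allowlist before it is used in an include path, and with permissions denied by default. The role names, the permission map, the extra $role parameter and the helper names current_role and template_for are assumptions made for illustration.

```php
<?php
// Added example; role names, permission map and paths are assumptions.
const ROLES = ['guest', 'registered', 'privileged', 'admin'];

// Deny by default: anything not listed here is refused.
const PERMISSIONS = [
    'guest'      => ['read'  => ['article']],
    'registered' => ['read'  => ['article', 'button'],
                     'write' => ['comment']],
    'privileged' => ['read'  => ['article', 'button'],
                     'write' => ['comment', 'article']],
    'admin'      => ['read'  => ['article', 'button', 'user_list'],
                     'write' => ['comment', 'article', 'user_list']],
];

// Map whatever is in the session to a known role; unknown values become 'guest'.
function current_role(array $session): string {
    $role = $session['type_user'] ?? 'guest';
    return in_array($role, ROLES, true) ? $role : 'guest';
}

// Build the template path only from allowlisted pieces, so the session value
// can never add an unexpected directory component to the include path.
function template_for(string $role, string $name,
                      string $base = '/path/to/file/with/permission'): string {
    if (!in_array($role, ROLES, true) || !preg_match('/^[a-z0-9_]+$/', $name)) {
        throw new InvalidArgumentException('unknown role or template name');
    }
    return "$base/$role/$name.html";
}

// True only when the role's map explicitly lists $what under $action.
function can_user(string $role, string $action, string $what): bool {
    return in_array($what, PERMISSIONS[$role][$action] ?? [], true);
}

// Constructed sample sessions: a valid role, an unknown value, and no login.
foreach ([['type_user' => 'registered'], ['type_user' => 'not_a_role'], []] as $session) {
    $role = current_role($session);
    echo $role, ' -> ', template_for($role, 'tpl_1'), "\n";
    echo '  button: ', can_user($role, 'read', 'button') ? 'My Button' : '(hidden)', "\n";
    echo '  write article: ', can_user($role, 'write', 'article') ? 'yes' : 'no', "\n";
}
```

Hiding a button in the template only changes what is displayed; the script that handles the action has to call the same can_user check before doing the work.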