1

I am planning to build a site which will have members and member uploaded content. I need to choose between the following:

a) A separate interface for admins and users

b) Same interface for admins and users

For example, a particular module 'yellowpages', would have listings uploaded by members. When the owner of the listing visits the page, they will be displayed edit/delete links by checking their session data against the database. The same will be displayed to an administrator. These links will not be visible to public users. The edit/delete functions will also check if the user is the owner/or is an admin so as to avoid the public from accessing the edit/delete URLs direclty.

Also, if the user is an admin, an additional navigation bar will be displayed on the top which has links to functions that will add/edit/modify site settings and everything.

So my question is, is the above a good way to do it? or to have separate interfaces for users and admins like http://philsturgeon.co.uk/blog/2009/07/Create-an-Admin-panel-with-CodeIgniter

WebNovice
  • 2,230
  • 3
  • 24
  • 40

2 Answers2

1

There is another options too. And I Prefer this.

C) Mix Both (a) and (b) Options of Yours

Create a separate interface for admins. which includes admin listing and managing of users and listings (edit/delete/ban user etc..)

Plus You can use users and permissions type of situation. For Ex.

  • Add a table permissions user type can be admin, guest, registered, moderator etc..
  • Depend on login type : session will be stored and as per session in front end the operations will be displayed.
  • Ex.:
    • guest will not see "add comment" link ;
    • registered can add comment + listings + edit own listing ;
    • moderator can edit anyone's listing ;
    • admin has all rights.

Depend on your application and time you can add as much as you want. I wrote as per globalization of any application.

TechCare99
  • 1,763
  • 6
  • 24
  • 33
0

If you gona use same interface it whould be less secure. Intruder would be theoretically able to become admin throug user interface. Also while programming you will have to keep in mind that some methods would be used by user and admin both - so ypu can simply forget something letting intruder some way to go. I'd beter create one class with methods used by admin and user (i.e. edit(), delete()) and extend it with two classes - user and admin.

s.webbandit
  • 16,332
  • 16
  • 58
  • 82