1

I am trying to create roles and permissions functions in PHP. I have checked some tutorials, but it is not clear whether the permissions are the ones granted by MySQL or whether they are improvised in PHP.

For example, if I have roles like admin, user and developer, should I create different users in the database and then use those to perform different operations, or should I create one root user and then control the access in PHP? To me it seems like the database should restrict it by having different users.

Cœur
azam khan
  • http://stackoverflow.com/questions/20939323/develop-membership-system-to-include-different-rolls/20939366#20939366 Maybe this can help. – Jackerbil Apr 18 '15 at 08:47
  • That is where the confusion is, @Jackerbil. That is control in PHP. What if I want to use different users in the MySQL database with different privileges? – azam khan Apr 18 '15 at 08:50
  • Well, you need, of course, both MySQL and PHP. The easiest way to do what I think you want to do is to set a value in the user's row in the DB, and then check that value in PHP. – Jackerbil Apr 18 '15 at 08:54

2 Answers

0

First, be clear about roles and permissions. In the front end these are different things, used to provide access to certain pages and changes. As per your question, roles such as Admin/User/Developer can be managed by MySQL user rights. MySQL user rights restrict user access on tables: creating tables, deletion, insertion, etc. Now, if you create different users in the database with custom user rights, you will have to include different connection credentials for each of the users.
Further, to control PHP pages, restrict user access by assigning pages to users in PHP code.

lakshman
  • So what do you suggest.. Is this a standard procedure or special case? – azam khan Apr 18 '15 at 08:55
  • The standard procedure is to think of a super admin, who handles most of the database processes with all access; an admin, with certain restrictions; and a user, with view & update privileges for the front end. Now it depends on your security level. My suggestion would be to create two different users apart from root, one for admin and the other for user. Use connection code & decide the security as you want. – lakshman Apr 18 '15 at 08:58
0

If you are really going for a custom access management module, I would recommend that you create a role table where the roles will be placed:

table:role
Columns:
id (pk, auto-increment)
role_name (Varchar)

Keep 'role_id' in the user table.

You don't need to create a separate table for user_role, since each user will have one role.

But if you are planning to have complete page-level access, you would need that table, and a UI should be created where you assign pages (access) to the user while creating a user.

If you are using any framework, do look for the available APIs. Yii has a very good security feature in which access rules and filters are defined.

Danyal Sandeelo
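
The two answers above can be combined: the role stored through `role_id` decides both which pages PHP allows and which restricted MySQL account the request connects with. The sketch below is an added example, not code from either answer; the database name `appdb`, the accounts `app_user` and `app_admin`, the page names and the `DB_PASS_*` environment variables are all assumptions.

```php
<?php
declare(strict_types=1);

// Assumed: MySQL accounts app_user and app_admin already exist (hypothetical names), with
//   GRANT SELECT, UPDATE ON appdb.* TO 'app_user'@'localhost';
//   GRANT SELECT, INSERT, UPDATE, DELETE ON appdb.* TO 'app_admin'@'localhost';
// Assumed tables: role(id, role_name) and `user`(id, role_id).

// Application role -> MySQL account; a role missing here gets no connection.
const DB_ACCOUNT_FOR_ROLE = ['user' => 'app_user', 'admin' => 'app_admin'];

// Page-level rules enforced in PHP (hypothetical page names).
const PAGES_FOR_ROLE = [
    'user'  => ['profile.php'],
    'admin' => ['profile.php', 'manage_users.php'],
];

// Look up the role name through role_id, using a prepared statement.
function roleOf(PDO $db, int $userId): ?string
{
    $stmt = $db->prepare(
        'SELECT r.role_name FROM `user` u JOIN role r ON r.id = u.role_id WHERE u.id = ?'
    );
    $stmt->execute([$userId]);
    $role = $stmt->fetchColumn();
    return $role === false ? null : (string) $role;
}

// PHP-side check: deny by default when the role or page is unknown.
function canOpen(?string $role, string $page): bool
{
    return $role !== null && in_array($page, PAGES_FOR_ROLE[$role] ?? [], true);
}

// Database-side check: connect with the account that matches the role.
function connectForRole(?string $role): PDO
{
    $account = $role === null ? null : (DB_ACCOUNT_FOR_ROLE[$role] ?? null);
    if ($account === null) {
        throw new RuntimeException('Role has no database account');
    }
    // Password is read from the environment, e.g. DB_PASS_APP_USER.
    $password = getenv('DB_PASS_' . strtoupper($account));
    if ($password === false) {
        throw new RuntimeException("No password configured for $account");
    }
    return new PDO('mysql:host=localhost;dbname=appdb;charset=utf8mb4', $account, $password, [
        PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
    ]);
}
```

Call `roleOf()` once after login on the lowest-privileged connection and keep the result in the session; `canOpen()` then gates each page and `connectForRole()` picks the connection. Because the grants live in MySQL, a bug in the PHP check still cannot run a statement the account is not allowed to run.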