How to Use Group Information in PHP Applications: Use PHP to Create User and Group Specific Web Sites

A PHP developer can quickly produce a web site that displays different things to different people - dpending on the group that they belong to.

Different people will always want different things from a web site, and a web site designer will often want to limit what some people can access on their web site whilst allowing other people to see more information. For instance, on the same web site:

• some users may only be allowed to browse general information
• some users may be allowed to see confidential information
• other users may be allowed to update information on the web site

All of this can be achieved by a few lines of PHP code, and this PHP code needs to alter what is displayed on a web page according to the group that a user belongs to.

The Concept of a User Group

It is possible for the PHP programmer to give different levels of authority to different users, for example:

• Fred may be allowed to view all data
• Bill may be allowed to view only a subset of the data
• Jill can add to and update any data
• Henry can add to and update only a subset of the data

The programmer can, of course, set the authorities according to the user names but that implies that the user names need to hard coded into the application. Instead the programmer can assign the users to a group and then give the group particular authorities:

• a manager can view all data
• an engineer can view a subset of the data
• an administrator can edit data

And it must not be forgotten that each user of the application may belong to more than one group.

Initial Contact

When a user accesses the application it will know nothing about the user or their group. The application's first act must, therefore, be to direct the user to a 'log on' page:

<?php
session_start();
$_SESSION['referer'] = "index.php";
if (! (isset($_SESSION['group']))) {
header ("Location: logon.php");
} else {
header ("Location: projects.php");
}
?>

This page (named index.php in this example) uses a PHP session to store variables and will also direct the user to the final page to be displayed (projects.php) once the group (or groups) is set. However, before that's done the user's group must be identified.

Selecting a User's Group(s)

When called the logon.php file must:

• obtain a user's groups (if a user name has been entered) and return to the calling page, or
• allow the user to enter their username

The PHP code to do this is quite simple:

<?php
session_start();
if (isset($_REQUEST['username'])) {
#obtain the user's groups
$_SESSION['group'] = array ('public','engineer','manager','administrator');
#Return to the calling page
header ("Location: " . $_SESSION['referer']);
} else {
#Display an input form
echo "<form>
User Name: <input name=username>
<input type=submit>
</form>";
}
?>

The only real consideration is where the list of groups come from. The most logical solution is to query a database, but for testing purposes a simple switch statement will suffice:

switch ($_REQUEST['username']) {
case "bill":
$_SESSION['group'] = array ('public','engineer');
break;
case "jill":
$_SESSION['group'] = array ('public','engineer','manager','administrator');
break;
default:
$_SESSION['group'] = array ('public');
}

Wherever the groups are obtained from, the next stage is to used the groups to display tht appropriate information on a web page.

A Group Dependent Display

The final PHP file (projects.php) uses the user's group(s) to select the correct information on the screen - in this case urls to the pages to be accessible for each group:

<?php
session_start();
if (! isset($_SESSION['group'])) $_SESSION['group'] = array("public");
#The information to be used by each group:
$tabs = array (
'public' => array ('Home','Newsletter'),
'engineer' => array ('view_jobs','view_diary'),
'manager' => array ('view_targets','view_engineer_tasks'),
'administrator' => array ('edit','new_task')
);
#Display the group's information
echo "<table><tr>";
foreach ($_SESSION['group'] as $group) {
foreach ($tabs[$group] as $module) {
echo "<td><a href=module/" . $module . ">" . $module . "</a></td>";
}
}
echo "</tr></table>";
?>

In this way the information accessible on the web site will depend on the group or groups that a user belongs to.

---

Posted on Utopian.io - Rewarding Open Source Contributors

---