When you decide to work with PHP and MySQL you probably end up creating some sort of user controlled application. It might not be your first application but rather soon you start working with forms and suddenly you have created a login form and want to validate the user on every single page to see if the user is allowed to view the page content. Today I will present my PHP Authorization Class.
The authorization class will not take care of a login script or anything validating a user trying to login on your application. If you need a easy and fast login script you can read all about that on my SQL Login post. This class will take care of the page validation you need to do to make sure the logged in user is valid. This is done by introducing three different types: roles, resources and actions.
A role represents a user group for example guest, member, staff or moderator. A resource is easily explained as an object such as news, articles, users or games. Lastly the action is something you want to do such as add, delete, edit, view or list. With these three types we are able to specify authorization rules for various roles.
Read more…
August
actions, addResource, addRole, allow, allowed, apache server, authorization, authorization class, class, customizable, deny, dsl, isAllowed, mod_rewrite, php, resources, roles, serialize, session, unit tests, unserialize, user valid, validate