php - Authenticate users based on url with regular expressions -


i building php user login , administration system. every user has role specified administrator.

let's role has value url=/users/*. means user role should access every webpage sits in directory /users. eg users should access mydomain.com/users/myprofile.php, mydomain.com/users/friends/index.php not mydomain.com/foo/index.php.

i think solution achieve regular expressions.

eg. have rule url=/users/*. replace * sign regular expression, remove url= @ start of rule, url of page user visited , perform preg_match(rule,url), if returns yes user authenticated, if not redirect him.

questions:

1. regular expression * sign should replaced? thinking of [a-za-z0-9\-\#]+.

2. safe use $_server['request_uri'] current url user visited. safe use purpose?

3. there other way of achieving that?

you might @ different angle. usually, every page have method checking user's credentials - confirm rights has allow him access page. so, example, every page in users/ directory call function checks user's cookie , confirms in user group.

you don't need check $_server['request_uri'] because page knows (if not, use __dir__ etc.)

if need more complicated, can set user capabilities , check these page additions e.g. 

if ($visitor->hascapability(x) {     showlink(); //etc. etc. }

Comments

Post a Comment

Popular posts from this blog

sublimetext3 - what keyboard shortcut is to comment/uncomment for this script tag in sublime -

Image
i have script tag in code, keyboard shortcut comment/uncomment script tag in sublime. after selecting script open , close tag. <script src="http://code.jquery.com/jquery-latest.min.js" type="text/javascript"> </script> i pressing ctrl + shift + / , getting this /*<script src="http://code.jquery.com/jquery-latest.min.js" type="text/javascript"> </script>*/ also pressed ctrl + / , got this // <script src="http://code.jquery.com/jquery-latest.min.js" type="text/javascript"> // </script> instead of <!-- <script src="http://code.jquery.com/jquery-latest.min.js" type="text/javascript"> </script> --> script open , close tag in 2 lines not in 1 line , not have spaces too. for mac,high light lines want comment. hold 'command , / ' commented. for windows: high line or select lines ,then hold ctrl + / if not work: ...
Read more

post - imageshack API cURL -

i credentials correct. when send image through form this:(action="http://api.imageshack.com/v2/images/"). working fine when tried send $ch = curl_init($url); failed. code: enter code here <form action="" method="post" enctype="multipart/form-data"> select image upload: <input type="file" name="file" id="file" multiple> <input type="text" name="auth_token" id="auth_token" value="xxxxxxxxxxxxxxxx"> <input type="text" name="api_key" id="api_key" value="xxxxxxxxxxxxxxx"> <input type="submit" value="upload image" > </form> $url = ' http://api.imageshack.com/v2/images/ '; $temp = $_files["file"]['tmp_name']; echo $temp."<br>" ; $ch = curl_init($url); curl_setopt($ch, curlopt_post, true); curl...
Read more

dataset - MPAndroidchart returning no chart Data available -

i having problems mpandroidchart. adding temperature , humidity data chart, displays "no chart data available". here can see bug is? super grateful! //create data //set size of data int size = list.size(); if (size > 24){ size = 24;} //create lists form temp , hum arraylist<entry> temps = new arraylist<entry>(); arraylist<entry> hums = new arraylist<entry>(); //fill list temp values (int = 0; < size; i++){ entry value = new entry(math.round(list.get(list.size()-size + i).temp), (size-i)); temps.add(value); } //fill list hum values (int = 0; < size; i++){ entry value = new entry(math.round(list.get(list.size()-size + i).hum), (size-i)); hums.add(value); } ...
Read more