Home/ Questions/Q 6647413
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-26T00:32:05+00:00

I have about 15-20 permission settings that are loaded when a user logs in.

  • 0

I have about 15-20 permission settings that are loaded when a user logs in. These are each stored as a session with a value of 1 or 0.

I’m wondering, would it be better to have one session like $_SESSION['permissions'] with a value of: dothis:0,dothat:1,doanother:1, etc. (one large string) which I can explode and seperate later on with PHP, or would it be best to have all these as separate sessions with just a value of 1 or 0?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Rather than a string to parse, store them as an array in $_SESSION. This makes it much easier to modify individual permissions without having to do piles of string operations.

    session_start();
$_SESSION['permissions'] = array();
$_SESSION['permissions']['dothis'] = TRUE;
$_SESSION['permissions']['dothat'] = FALSE;
$_SESSION['permissions']['doanother'] = TRUE;

    Addendum

    You might have figured this out already, but I thought I would add that it is easiest to interact with these via a few tiny functions. These will save a lot of typing (and typing errors), and make sure the values all end up as booleans.

    function grant($permission) {
  $_SESSION['permissions'][$permission] = TRUE;
}
function revoke($permission) {
  $_SESSION['permissions'][$permission] = FALSE;
}
// Test if the user is allowed to do $permission
// FALSE if the permission isn't set
function user_can($permission) {
  return isset($_SESSION['permissions'][$permission]) ? $_SESSION['permissions'][$permission] : FALSE;
}

    The you can just call them as:

    grant('dothis');
revoke('dothat');
if (user_can('doanother')) {
   // congratulations you're allowed
}
    • 0