In my application, there are different group of users such as student, teacher, admin, principal etc., can log in to my application. And i’m having a php such as students_add.php which is a student manager, so only admin can view that page.
Now i’ve to set the file “students_add.php” can be accessed only by admin. For that, i can create a session variable like $_SESSION['user_type'] = 'A' then, by checking the session variable while the users get log in to my app, i can re-direct or set 404 error by using header() and .htaccess. But i don’t want to use this checking mechanism for each and every file in my app.
So, i want a simple solution to resolve my problem, and also please let me know what are the methods/logic out there to control a page being accessed by different user-group in PHP.
You basically have to check in every script, as there’s no other way. The only way is how you do that. The best approach is to move the checking code into separated script and then simply include it at the begining of every other script with
This is most clean approach. Alternatively, if you got really, really high number of scripts, you can use
php.ini‘sauto_prepend_filedirective.