Hi,
I have a basic application/framework that I use to create my apps
from. It already has the basic authorization code in there, to check
if the user has provided the correct password, and to either let them
continue performing actions or to boot them back to the login page.
I also use this little trick in prerun.. if a runmode is prefixed with
"a_" then the user must be logged in, if no a_ is present, they can be
anonymous. This is handy for sites that have a public side and an
administrative side.
Now I'm writing my first application that has multiple access levels
using C::A, but all are required to be logged in.
Ie for this inventory management system there are 3 levels of users.
1: administrators - these folks can do anything and everything.
2: read only administrators - they can see everything, but not save anything.
3: dealers - these folks may update their profiles and order stuff.
Typically in the past i'd something like this in my runmodes
if ($acllevel == 1) {
$self->load_tmpl('admin_index.tmpl');
} elsif ($acllevel == 2) {
$self->load_tmpl('etc...');
And in my code sections i'd have stuff like this
if ($acllevel == 1) {
$sql = "select * from purchaseorders";
} elsif($acllevel == 3) {
$sql = "select * from purchaseorders WHERE userid = $userid";
}
you get the point, this all seems very hacky to me. are there cgi
modules that are made for doing this sort of thing any cleaner ?
thanks.
--
Jeff MacDonald
http://www.halifaxbudolife.ca
---------------------------------------------------------------------
Web Archive: http://www.mail-archive.com/suppressed/
http://marc.theaimsgroup.com/?l=cgiapp&r=1&w=2
To unsubscribe, e-mail: suppressed
For additional commands, e-mail: suppressed
Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.