[SOLVED] How to set Multi Level User Permission

This topic is locked

[SOLVED] Â How to set Multi Level User Permission	6/13/2009 3:09:30 AM
PHPRunner General questions
D d_gan author I hope someone can answer this. How to list this or is there any workaround to achieve this? Level 1 L2 L3 L4... User A--A1--A11 --A2--A21 --A22 User B--B1--B11--B12 --B2--B21 --B22 --B23 It mean, User A can view order list by A (himself), A1, A2,(his direct affiliate), A11 ), A21, A22( his Affiliates' Affiliate) User A1 only can view order list by A1 and A11 User A2 can view order list by A2, A21 and A22 User B can view order list by B, B1, B2, B11, B21, B22, B23, B12, B2, B21, B22, B23 B11 can view B11 and B12 B2 can view B2, B21,B22 and B23 and admin can view order list of all In short, User is "Admin" for himself and his affiliate's or sub affiliates. Can someone tell me is this possible and it workaround?? Thank you

Mark as Solved Mark as not solved

4 replies


	hfg 6/16/2009
	Create a field in the user table call something like allowedareas Put the areas that are allowed for that user in this field as if you were using an IN statement but without the (). For user B2 it would look like this: 'B2','B21','B22','B23' where as B11 would be like this: 'B11','B12' And B23 is simply 'B23' Add the following events After successful login (UAA is just my abbreviation for user allowed areas) $_SESSION["UAA"]=@$data["allowedareas"]; On the List Page Before SQL Query put this (where table and field are your table and fields) $strSQL = AddWhere($strSQL,"`Table`.`Field` in (".$_SESSION['UAA'].")"); Note, for an admin to see all you would either have to put all the allowed areas in the allowareas field, or create a separate view for just the admin that only the admins can see. Hope that helps


D	d_gan author 6/18/2009
	Create a field in the user table call something like allowedareas Put the areas that are allowed for that user in this field as if you were using an IN statement but without the (). For user B2 it would look like this: 'B2','B21','B22','B23' where as B11 would be like this: 'B11','B12' And B23 is simply 'B23' Add the following events After successful login (UAA is just my abbreviation for user allowed areas) $_SESSION["UAA"]=@$data["allowedareas"]; On the List Page Before SQL Query put this (where table and field are your table and fields) $strSQL = AddWhere($strSQL,"`Table`.`Field` in (".$_SESSION['UAA'].")"); Note, for an admin to see all you would either have to put all the allowed areas in the allowareas field, or create a separate view for just the admin that only the admins can see. Hope that helps Thank <img src='https://asprunner.com/forums/file.php?topicimage=1&fieldname=reply&id=41956&image=1&table=forumreplies' class='bbc_emoticon' alt=':D' /> hfg, That will work if I only have few affiliates or sub affiliates. But sub sub affiliates is going to increase and when new sub affiliates is added, I will have to update the "allowedareas" for its sponsor/introducer and the sponsor/introducer of this sponsor/introducer all the way up to the top. I am thinking something more "Auto" where when the sub affiliate sign up and fill in his sponsor/introducer it will automatically identified this sponsor/introducer as his admin for him and his future sub affiliates.


	hfg 6/18/2009
	I have not tried this, but you might try a LIKE statement within the Addwhere $strSQL = AddWhere($strSQL,"`Table`.`Field` like '".$_SESSION['UAA']."%'"); Then if the session variable is B2, B2, B21, B22, etc would all be caught Again, I have not tried this, just a thought Good Luck


D	d_gan author 8/6/2009
	Create a field in the user table call something like allowedareas Put the areas that are allowed for that user in this field as if you were using an IN statement but without the (). For user B2 it would look like this: 'B2','B21','B22','B23' where as B11 would be like this: 'B11','B12' And B23 is simply 'B23' I manage to get a php script to dynamically generate above allowadareas without manual insert the allowedares using below php code. As the example I use $_SESSION["MID"] suppose to be B2 it will echo the $tree as 'B2','B21','B22','B23' <?php $connect = mysql_connect("localhost", "user", "password"); mysql_select_db("dbasename"); $nav_query = MYSQL_QUERY("SELECT * FROM `MyInfo` Where `MID` =" . $_SESSION["MID"]; $tree = ""; $depth = 1; $top_level_on = 1; $exclude = ARRAY(); ARRAY_PUSH($exclude, 0); WHILE ( $nav_row = MYSQL_FETCH_ARRAY($nav_query) ) { $goOn = 1; FOR($x = 0; $x < COUNT($exclude); $x++ ) { IF ( $exclude[$x] == $nav_row['MID'] ) { $goOn = 0; BREAK; } } IF ( $goOn == 1 ) { $tree .= "'".$nav_row['AgentID']. "', "; ARRAY_PUSH($exclude, $nav_row['MID']); IF ( $nav_row['MID'] < 6 ) { $top_level_on = $nav_row['MID']; } $tree .= build_child($nav_row['MID']); } } FUNCTION build_child($oldID) { GLOBAL $exclude, $depth; $child_query = MYSQL_QUERY("SELECT * FROM `MyInfo` WHERE RID=" . $oldID); WHILE ( $child = MYSQL_FETCH_ARRAY($child_query) ) { IF ( $child['MID'] != $child['RID'] ) { $tempTree .= "'".$child['AgentID']."', "; $tempTree .= build_child($child['MID']); ARRAY_PUSH($exclude, $child['MID']); } } RETURN $tempTree; } $tree = substr_replace($tree ,"",-2); ECHO $tree; ?> This script run well and generate $tree which is 'B2','B21','B22','B23' so I can use this in the IN STATEMENT. The problem is I cannot manage to insert this to Snippet. I tried to insert this code in After Successful Login or List page: Before SQL Query and even tried to put in a field Custom Code in View As. All stuck . How to modify this code so I can put in Snippet to get the $tree to insert to IN Statement in List page: Before SQL Query $strSQL = AddWhere($strSQL,"`Table`.`Field` in (".$_SESSION['UAA'].")"); ???

4 replies

Mark as Solved Reply