[SOLVED] Restricting a column/field editing

This topic is locked

[SOLVED] Restricting a column/field editing	8/25/2011 12:12:55 PM
PHPRunner General questions
T techster author Hi I am a bit new to databases & I am facing trouble creating security around a column. Data table with about 15 fields. There is one field which can only be updated by the customer & no one else. How do I achieve this? It is appointment setting database. Scenario: 3 levels of security groups: Admin(Supermod); agents; customer Roles: Admin- responsible for upkeep & permissions etc. Agents - Are field agents who enter the data about prospects. Customer - The end field manager/closer/customer(in our case) who either approves the prospect or denies it. I have made 3 groups. Now I am stuck as to how can I restrict updates only to particular user OR a particular group. Please elaborate as much as possible; I am a good reader, can read links you guys head me to but I am not very technical with databases. Thought of doing a left join but could not get through. TIA

Mark as Solved Mark as not solved

7 replies


C	cgphp 8/25/2011
	Check this article: http://xlinesoft.com/phprunner/docs/hide_controls_on_add_edit_pages.htm


T	techster author 8/25/2011
	Check this article: http://xlinesoft.com/phprunner/docs/hide_controls_on_add_edit_pages.htm WOW! Such simple one and I had been digging on Join. :-) Many thanks, Cristian. --Small nag-- If I want to show it to two users say admin and cust1; both of them belongs to two different groups. $xt->assign("status_fieldblock",$_SESSION["UserID"]=="admin","cust1"); But it does not work. In the case above it will only show it on admin login and not cust1; incase, of following statement: $xt->assign("status_fieldblock",$_SESSION["UserID"]=="cust1","admin"); it shows only on cust1 and not admin. So I am unable to pass two arguments to it.


T	techster author 8/26/2011
	WOW! Such simple one and I had been digging on Join. :-) Many thanks, Cristian. --Small nag-- If I want to show it to two users say admin and cust1; both of them belongs to two different groups. $xt->assign("status_fieldblock",$_SESSION["UserID"]=="admin","cust1"); But it does not work. In the case above it will only show it on admin login and not cust1; incase, of following statement: $xt->assign("status_fieldblock",$_SESSION["UserID"]=="cust1","admin"); it shows only on cust1 and not admin. So I am unable to pass two arguments to it. I changed security to static and used `if ($_SESSION(GroupID) == "userlevel") { $xt->assign("status_fieldblock",false); $xt->assign("clientremarks_fieldblock",false); }` Worked.


C	cgphp 8/26/2011
	`$xt->assign("status_fieldblock", ($_SESSION["UserID"]=="cust1" OR $_SESSION["UserID"]=="admin"));`


T	techster author 8/26/2011
	`$xt->assign("status_fieldblock", ($_SESSION["UserID"]=="cust1" OR $_SESSION["UserID"]=="admin"));` Thanks Gile. Finally I am through with initial setup. Now doing the fine tuning, have few hiccups though as I am new to this.


T	techster author 8/26/2011
	Thanks Gile. Finally I am through with initial setup. Now doing the fine tuning, have few hiccups though as I am new to this. After testing what you mentioned, I figured that users can be many but our levels will be defined as 3. So I started trying with groupid or accesslevel. But does not work. With groupid phprunner gives username as a groupid and not the groups that I have defined. I tried working with $_SESSION["AccessLevel"] parameter but it does not work. I tried using print_r ($_SESSION); which prints all the attributes. On admin, user and customer, all three levels it is showing access level as User. However, I have designated each group separately. Any idea how do I resolve these?


C	cgphp 8/26/2011
	Please, post your code.

7 replies

Mark as Solved Reply