You can verify user login sessions and belonging to groups in your PHP scripts. To do that, you need to put the following code in your script.
include_once("./lib/config.inc.php");
include_once("./lib/database.inc.php");
include_once("./lib/user.class.php");
$con = connect_database();
$user = new umUser();
$user->get_session();
$allowGroups = array('1', '2');
if($user->userID != 0 && $user->get_user() && $user->check_groups($allowGroups)){
# do something with your code
#...
}else{
each "You have no privilege to access this page";
}
close_database($con); First, the example includes support files including configuration settings, database functions and user functions as below. You may need to change the path of the files according to the location of your PHP script. include_once("./lib/config.inc.php");
include_once("./lib/database.inc.php");
include_once("./lib/user.class.php");
Then the script creates a database connection: $con = connect_database(); The script creates a user object and tries to load user session data after connecting to the database. $user = new umUser();
$user->get_session(); The groups which are allowed to access the script are stored in an array. You can change the group ID numbers. The example allows group #1 and group #2 to access this page. $allowGroups = array('1', '2'); The last part is to check whether the user is valid and is in the groups defined by variable $allowGroups. If it fails to verify the user and its belonging to groups, it shows message “You have no privilege to access this page”. if($user->userID != 0 && $user->get_user() && $user->check_groups($allowGroups)){
# do something with your code
#...
}else{
each "You have no privilege to access this page";
} |
