[eluser]tkyy[/eluser]
oh neat, i made something similar
Code:
<?php if (!defined('BASEPATH')) exit('No direct script access allowed');
/*
|---------------------------------------------------------------
| ACCESS CONTROL LIBRARY
|---------------------------------------------------------------
|
| This library allows us to restrict access to specific users,
| it essentially creates "roles" inside of the application.
|
| The access level number is generally the user's role number,
| for instance when I implement this there is generally make a
| field in the user's table called 'access' or 'type' that
| corresponds to the access level.
|
| Author: Doug Lauer <[email protected]> <http://taky.bz>
| Date: Thu Nov 11 2010
|
*/
class access_control{
//class variables
var $ci, $userdata, $access_field, $my_access, $users_table, $user_id;
//const
function settings($access_field='access',$user_table='users',$user_id=''){
//give me the ci superobject
$this->ci = get_instance();
//give me the current userdata
$this->userdata = $this->ci->session->userdata;
//grab the field we designated for storing the user access levels
$this->access_field = $user_field;
//validate that value as well
if($this->access_field==''){
ed('noexists_access_field');
}
//grab the users table
$this->users_table = $user_table;
//validate that too
if($this->users_table==''){
ed('noexists_users_table');
}
//validate an set the user's primary id
if(!is_numeric($user_id)) ed('invalid_user_id');
//set it into the class variables
$this->user_id = $user_id;
//grab the users access level from the userdata
$this->grab_level();
}
/*
|---------------------------------------------------------------
| PUBLIC FUNCTIONS, CALLABLE
|---------------------------------------------------------------
*/
//define an access level for a particular page, checks userdata
//you should put this function into the constructor functions for
//controllers generally, but it can also be placed in specific functions
//instead!
function define_access($number=''){
//validate the input at a glance
if(!is_numeric($number) || $number=='') ed('invalid_access_level');
//simple, right?
if($this->access_level=>$number){
//cool, the user is able to view this page
return TRUE;
}else{
//no, this user does not have the privledges to view
return FALSE;
}
}
/*
|---------------------------------------------------------------
| PRIVATE FUNCTIONS, INTERNAL
|---------------------------------------------------------------
*/
//echo and die, "ed"
private function ed($string=''){
//you got me, i'm dead!
echo $string;
die;
}
//grabs my access level from the userdata
private function grab_level(){
//check if the access level is in the userdata first, this will
//avoid doing another get query from the database if we can
if($this->userdata[$this->access_field]!=''){
//set my access level according to the userdata
$this->my_access = $this->userdata[$this->access_field];
}else{
//no userdata existed, we have to grab this from the database instead
$result = $this->ci->db->select($this->access_field)
->from($this->users_table)
->where('id',$this->user_id)
->limit(1)
->get()
->result_array();
//validate a result was returned
if(isset($result[0][$this->access_field])){
//good, we have something back, set it
$this->my_access = $result[0][$this->access_field];
}else{
//we didn't return any results for that query, die
ed('noresult_access_query');
}
}
}
}
# EXAMPLE LIBRARY USAGE
# ---------------------------------------------------------------
#
# //controller constructor
# function welcome(){
#
# parent::controller();
#
# $this->load->library('access_control');
#
# $this->access_control->settings('access','users',$this->session->userdata['id']);
#
# if(!$this->access_control->define_access(8)){
#
# redirect($this->config->item('base_url'));
#
# }
#
# }
#
