|
|
Posted by Jerry Stuckle on 08/27/07 00:45
Matt wrote:
>> But then how do the premium users read the non-premium articles? Of
>> course if you can answer that then you've solved your original problem.
>>
>> Norm
>>
>> p.s. You need to check your users permissions prior to retrieving your
>> articles. In other words, build your SELECT statement based on your
>> users permissions:
>>
>> if ($user_is_premium)
>> {
>> SELECT both non-premium and premium articles here}
>>
>> else
>> {
>> SELECT non-premium articles here}
>>
>> ...rest of code
>>
>> should be a rather small change to your code.
>
>
> Basically on the article index page I'll just loop through all of the
> articles in the table, and test for isPremium. If a row isPremium,
> I'll send the link to displaypremiumarticle.php?id=123, if not, just
> to displayarticle.php?id=123.
>
Don't. Let SQL do it for you. Norm has the right idea.
> That code would make things simpler but this page specifically
> displays a single article, hence the confusion. I could just do the
> above method and not show the links to non-premium users but this
> means a curious user could just guess at URLs and find 'hidden'
> content.
>
IF they aren't authorized, they won't get the article, even if they
guess the URL.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================
Navigation:
[Reply to this message]
|