Posted by J.O. Aho on 11/18/06 22:28

linda wrote:
> OK please bare with me on this, as I don't know all the correct terminology.
> I would just like some input if this is the correct way to go about this.
>
> User_Reg Permissions
> user_id user_id
> name perm
> date_of_birth
> password
> reg_date
>
> I have two tables, one User_Reg and the other Permissions, they are link
> through user_id. In Permissions the field perm has a default of 1 (for
> registered users), 2 is for administration and 0 being unregistered. What I
> would like to know is, is this a good way of going about protecting pages,
> using this information in sessions?

If the Permissions table don't have more data than a user and the user level,
then it's a waist of space, make instead


User_Reg
user_id
user_level (alt perm)
name
date_of_birth
password
reg_date



If we assume you would store page data, then you can have

Permissions
user_id
page_id (string to identify page)
perm (bool value)

This way you could make different users to have access to different pages and
you don't have to have the traditional admin/user levels, but you can give a
"normal user" right to edit other users while an "admin" may not have the
right to edit users.

For a simple site that don't need a high configuration of access, the single
table is enough.


//Aho

[Back to original message]