DrCox
|
Posted: 08/06/2004, 8:45 AM |
|
It seems like this would be so simple but I can find the answer in any of the boards!
I am trying to require two security items instead of one for a single page on my site. I don't want the page to load unless
a. the security level is met. b. the UserID = "132" or "135". This is to allow only two individuals access to this page. I can't just raise the CC security level. It would be a long story, but that's not an option.
CC has a custom security event for the page so one would assume you could "customize" your page security.
Does anyone know what code I should use for these parameters? I have tried the following. It doesn't report any errors but it doesn't work either...
get_session("UserID") == 132 or 135;
check_security(2);
|
|
|
teufel
Posts: 13
|
Posted: 08/06/2004, 9:14 AM |
|
Yes, but it seems CCS unfortunately does not have a more general approach to a real security system, i.e., role-based security (users, which belong to groups, etc.).
Please do a search in this forum for GroupsAccess and you will find some messages discussing things similar. I believe all you have to do is implement role-based security, and then say that user 132 AND user 135 belong to the same group. Note that here you would forget about "inclusive levels": all users belonging to a certain group which has rights to view the page would be allowed.
_________________
--teufel |
|
|
StevenD
|
Posted: 08/06/2004, 6:35 PM |
|
why do you not just use an extra table in the db for groups, ie 0=publib=2=users=3=etc
as per the existing system, then add your two users into the site admin group, then on the page, do a dlookup to the users table checking the new groups id, and if it matches show it, if it doesnt redirect the html header to an new page, this way you can leave all the site users on their existing access levels, but setup a second check by its side?
|
|
|
Drcox
|
Posted: 08/07/2004, 1:32 PM |
|
Thanks for the suggestions. I will check them out!
|
|
|
|