1. 技术文章
  2. Blocking a user from logging in with a certain permission level and then an alert displaying to let them know why

Blocking a user from logging in with a certain permission level and then an alert displaying to let them know why

狂风中的少年 提交于 2019-12-20 03:51:27

问题


I am trying to figure out how to block a user from signing in to my site unless they are over a certain permission level. I am making my site public and once someone registers they are given the permission level 'bench'. Once I accept the user and change the permission level, then they are able to login. The way I am blocking the 'bench' permission level users is with a redirect to the index page(where they sign in at). However, I want to display some sort of alert that pop's up displaying a message that I create and then from the start not even allow that user to move forward.

I'm not sure if I can do this with validation or not. Something like if this user tries to log in, the script dies once it sees that the permission level is at the group 'bench'. Then a pop alert displays saying why.

This is how I allow the user to login..

if(Input::exists()) {
if(Token::check(Input::get('token'))) {

    $validate = new Validate();
    $validation = $validate->check($_POST, array(
        'username' => array('required' => true),
        'password' => array('required' => true)
    ));

    if($validation->passed()) {
        $user = new User();

        $remember = (Input::get('remember') === 'on') ? true : false;
        $login = $user->login(Input::get('username'), Input::get('password'), $remember);

        if($login) {
            Redirect::to('userIndex.php');
        } else {
            $tryagain = '<span class="signinpanel">' . "The information you entered did not match our records." . '</span>';
        }

    } else {
        foreach($validation->errors() as $error) {
            echo $error, '<br>';
        }
    }
}

I then redirect like this...

if($user->hasPermission('bench')) {
header("Location: http://sundayfundayleague.com");
die();
}

This is my permissions code:

public function hasPermission($key) {
    $group = $this->_db->get('groups', array('id', '=', $this->data()->group));

 if($group->count()) {
        $permissions = json_decode($group->first()->permissions, true);

        if($permissions[$key] == true) {
            return true;
        }
    }
    return false;
}

How can I go about doing this?

UPDATE:

I am not sure I am doing this correctly. I'm doing a die with it and showing an error message I made up.

if(Input::exists()) {
if(Token::check(Input::get('token'))) {

    $permissionError = "Your membership request has not been accepted yet.";

    $validate = new Validate();
    $validation = $validate->check($_POST, array(
        'username' => array('required' => true),
        'password' => array('required' => true)

        if($user->hasPermission('bench')) {
        die($permissionError);
    ));

    if($validation->passed()) {
        $user = new User();

        $remember = (Input::get('remember') === 'on') ? true : false;
        $login = $user->login(Input::get('username'), Input::get('password'), $remember);

        if($login) {
            Redirect::to('userIndex.php');
        } else {
            $tryagain = '<span class="signinpanel">' . "The information you entered did not match our records." . '</span>';
        }

    } else {
        foreach($validation->errors() as $error) {
            echo $error, '<br>';
        }
    }
}

来源:https://stackoverflow.com/questions/30915839/blocking-a-user-from-logging-in-with-a-certain-permission-level-and-then-an-aler

标签
javascript
php
jquery
ajax
permissions
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!