I am implementing a simple database system. Basically is a simple social network, everyone has his own dashboard, where you can post some random text. The problem is that I want a privacy level, I mean I want that somebody is allowed to browse only some profiles. And I'm deciding who can watch what.
The question is: How can I do that?I have to work with relation in the database or what?
Thanks for your time.
S.
What you are looking for is called "Access Control List" (ACL): Check out Nettuts tutorial on implementing an ACL: http://net.tutsplus.com/tutorials/php/a-better-login-system/
Create a secondary table where you keep who can access what. If in the main user table you have and id or something (preferably indexed) (like you should). Just make a 2 column table with id and view_id or something (both foreign keys and togeder should form a pk). And... you read from it.
Most probably you would want to set a table for your privacy like
id type
1 View All
2 View None
3 View Something
then on your table where users can be found you could call the type
user_id privacy_id
1 2
2 3
4 1
where privacy_id is the id of your privacy table, something like that.
Related
I have a website coded in html/css and a bit of js and jQuery.
MySql is my choice of database.
I have a login-system and users can create their own accounts on my site.
The problem is, that I'm trying to somehow restrict users so that only user A can view content (in this case, images) that I have specified for him. User B can only view its own content and so on.
I tried to mess with Role Based Access Control in php but I failed.
I'm looking for a simple solution. I have one (1) table with users where the "user_id" is the primary key.
Isn't there a way to do something like this?
if(user_id == 1) {
Do somethnig here
}
Charles, as commented there are many "open source content management systems" available that do this out of the box - I personally favour http://www.silverstripe.org/
However your question is about how to structure your database and I would recommend a "many many" relationship ( https://en.wikipedia.org/wiki/Many-to-many_(data_model) ). To create this you will need a table in the middle that stores all the id's from both ends.. e.g.
member - id - plus other fields
member_image - contains only member_id and image_id
image - id - plus other fields
to complete your code example...
$sql = "SELECT 1 FROM member_image WHERE member_id = $iMemberID AND image_id = $iImageID"
...it would be "if" the above SQL returned a row or not they member can access that image
I'm trying to show or not show links based on a users access level. The links will be different depending on the section of the site the user might be in. The links also may not all be in one menu. They will more than likely be in various places on the page.
Currently I have a database table that contains Users, Groups and Sections. The main menu is built from the Sections database table. I'm thinking I should create an Actions table and add a link that I'd like to show for each section in the action menu. So, my tables so far are like.
Users
user_id
Groups
group_id
group_title
Sections
section_id
section_title
Table I'm thinking of adding.
Actions
action_id
action_title
action_group_id
action_section_id
The part I'm not sure on is should I add the same link multiple times to the Actions table for each group that is allowed access. Or, just add it once and do a if group id is greater than, then show link.
Example for entering the same link multiple times.
action_id action_title action_group_id action_section_id
1 View all 1 1
2 View all 2 1
3 View all 3 1
I was hoping to not flood the page with a bunch of if/then statements. Plus, this doesn't seem like the best way to handle because it requires human interpretation as to what the access levels stand for.
Any help on this is appreciated. I could be going in the complete wrong direction here?
Create a many to many relationship with an additional table where you insert an entry for each permission the group has access to. Am I correct in assuming section is what you're creating permission to?
Table: Group_Section (Or whatever you'd like to name it)
Group_id | Section_ID
---------+-----------
1 | 1
1 | 2
1 | 3
2 | 1
2 | 3
|
You can see that the Group with ID = 1 can access sections 1,2,3 while Group with ID = 2 can access only 1,3. You can then add whatever permissions to the table you want and manage them through the use of foreign keys.
Does that make sense?
Here is a good article but the things are discussed in general http://en.wikipedia.org/wiki/Access_controlenter link description here
In your case, use what TheCapn wrote and I'll just add, that its 'best to start session for every user and just check his access level when he's trying to reach a restricted part.
Personnaly, to do this kind of thing, i set a user level in the user table and a section level in the section table.
Then you simply have to filter the section according to your user level.
You can do this by adding a statemtn to you sql like
AND section_level >= "user_level";
or then again, get all the section and filter tham with php.
foreach($section as $s){
if ($s->level >= user_level) echo $s->title
}
Of course, you'll need to adjust the <. = and > according to the hierachy of your system.
I personnaly use a lowering hierachy, meaning, the lower the level you are the more right you have. This way you can make a 'banned' user by setting his level to 99 or something.
THis would be only for your menus, make sure you control the user_level on each page as well so if someone get to the page directly it get kicked..
Hope it points your in the right direction. ;)
In my database are 2 tables: "books" and "users". I'm displaying all the books on a page and would like the option for a user to click a little link "I've Read This", similar to Facebook's Like function with statuses. The user could click that they've read the book or unclick to "unread" the book. Other users logged in could also see who has read what. I'm questioning my approach and would like to get feedback on other directions to take for something like this.
What I had in mind was to have a field in the "users" table, maybe something like "books_read", in which I would store an array of values (book_id's). On the frontend where all the books are displayed, I would query the "books_read" field and if a value matched the current book_id, then underneath that book would be something like "User X has read this".
In short, I would store an array of "book_id"s in the "users" table to collect what books each user has read. I would pull this array and compare IDs to each book queried, and if there is a match, output that the user has read that book.
Am I missing something or maybe not looking at a cleaner approach?
In a RDBMS such as MySQL, it's rarely ever a good idea to store lists in a field, especially when you know you will be looking for specific pieces in the list later on. The database can not take advantage of an index by doing that.
Instead, you should make an additional table that links users and books read. Optionally, you could call it *users_books* and move read in to its own column.
users_booksread
-----------
user_id
book_id
Create a separate table, perhaps called book_read.
In it, for each book a user likes, store the user_id and the book_id.
Then you don't have messy arrays to deal with, everything is normalized, your design will be cleaner, and your database more flexible. Additionally, your user table won't have a bunch of extra crud bolted on to it that will affect performance in unfortunate ways.
Now i am working on a social network website and i already built the friends table for this website but i need some suggestion before i moved forward.
I have a user table where user_id is the primary field.
So for friends i made a friends table with fields like
friend1,friend2,is_active
what i do actually when user1 send a friend request to user2 then at that moment i insert the two rows into the friends table like
1- friend1->user1,friend2->user2,inactive
2- friend1->user2,friend2->user1,inactive
So when somebody accept the friend request at that moment i made the both rows as active.
I made this two entries as i want whenever one user block another then easily made that corresponding row belongs to that user will be inactive.
And if a user remove the user then at that time i delete the both entries.
So please i need some suggestion regarding this please help me out to solve this asap.
I need to know is there any other way which will be more optimized than this and giving proper result.
I think that
Friends_table
with
User_id1, User_id2 and Rleationship_id
is easier, index on both first and second column.
relationship id will be 1 - id1 request, 2- id2 request, 3 - friends, 4- id1 blocked, 5 - id2 blocked...
just an idea.
I have a simple social network project going and I would like to add a simple recommend this user profile function. A logged in user can 'recommend' a user once - its just like the 'This ansewr is helpful/not helpful' buttons here on posts in Stackoverflow. I want a simple table design to implement the exact idea - any tips?
A user can recommend any user ONLY once and likewise each profile would have a simple tally saying - this user has been recommended X times. Its just a number nothing real fancy or so...
[Recommender, Recommendee, Recommendation] PK being the first two fields ?
Since it is a many-to-many relationship, you will need a separate table- unique id (auto increment), recommender (userid), recommended (userid).