Simple Access Control
Friday, January 28, 2011
In my previous post, I looked at using a controller plugin as part of a more complex access control system based on an access control list. However, sometimes a simpler solution makes sense. For instance, in a recent project, I just needed to restrict access to the admin section of the site. The admin section was contained within the admin module. I therefore need to check only two things:
- Was the user trying to access something in the admin section?
- Was the user logged in as admin?
I still needed to add the mechanism for logging in, but there was no need for an access control list, and the implementation of the Access Control Plugin was much simpler. (more…)

Practical Web 2.0 Applications with PHP (Expert's Voice) by Quentin Zervaas
Beginning Databases with PostreSQL: From Expert to Professional 2nd Edition: From Novice to Professional by Neil Matthew, Richard Stones