Adding security to the top level menu

Is there a way to add security to the top level menu items?

For example: The menu would only show if the user has access.

Thanks,

The way you could set this up is to use dynamic menu items. The menu item could have a security rating on it, with the users having a security level stored in the database. When the user logs in, a session variable is set to store the security level the user has. In the recordset to get the links that the user has security clearance for, only get the links that the user has clearance for. So you would want to filter based on link security level <= user security level.

Why didn't I think of that. Great idea.

Thank you

No problem. If you run into any additional issues, feel free to open a new thread.

Could someone elaborate on Jimmy’s answer as I’m obviously doing something wrong as I can’t get it to work.

TIA

Hey Dave,

I think this is what he was saying to do:

You could first determine different levels for users - say user, superUser, and Admin.

Then when they log in, you create a session variable for their level. For purposes of this example, I will call it level.

Then, let's say you want to dynamically create link based on the user level. So in your database for menu items, you create a table of links where the columns are name (the name of the link that will be displayed), URLspot (the actual link that it will go to when pressed), and lastly, "userlevel" where you will put the attribute of what level can see the link.

Then you could dynamically create the links where the userlevel equals the "$_SESSION['level'] that you created on the authenticate user.

Regards,

Brian

Thanks Brian, I'll give it a go.

Dave

Thanks Brian for clarifying that. That's exactly what I was trying to explain to do.

I apologize up front if I've done this all wrong but any help you can give me would be appreciated.

I have 2 tables, one for members which includes authLevel to hold obviously their authorization level. 2 levels are stored, member and administrator.

Following the instructions above, I have added a second table of links that I'd like authorized or logged in members to be able to see. I have a column for the link name, one for the urls to go to when clicked and one for the authorization level, which is populated with member or administrator depending on who I want to see the link.

I need administrators to see all links and members to see some.

My problem is figuring out how to tie the authLevel from the members table to the authLevel of the links table. I have tried using the session variable $_SESSION['MM_UserID'] but am not doing the right things as it's not working.

Any elaboration on the steps involved would be great.

Thanks

The session variable shouldn't be linked to the userID, it should be linked to the user access level. Then you would want to check this user access level with the access level required to access the menu when generating the dynamic menu.