Member Database

I'm interested in making a database for an organization that contains info about all its members, like Name, e-mail, etc.. The database can be altered by admins like Adding, editing, removing members. When a normal viewer comes to see it. They can order the database by Alphabetical or they can select a certain sub-group inside the organization and view the members within the sub-group. How hard would this be to do?

It wouldn't be that hard. It really depends on how experienced you are with MySQL (I presume that's what you are using) and PHP..

This is the table layout I was thinking

Users Table
userId | userGroupId | userName | userEmail | etc etc etc...

Group Table
groupId | groupName

A query to select the userId, userName and groupName of all users ordered by their name could for example be formed like this:
SELECT users.userId, users.userName, groups.groupName FROM users LEFT JOIN groups ON users.userGroupId = groups.groupId ORDER BY users.userName asc; (note: change between desc or asc to change between descending or ascending sort)

...

If you were thinking more towards PHP you could be interested in an authentication article/tutorial I'm writing for devarticles.. it should be published later today or tomorrow..

Thanks alot! Now you're making me think I can actually do this.

hi,

you may also want a field in the members table called "status" (or the like) which will determin the status of each member. This way you can run basic IF statements to decide if certain people have the right to do certain things on the site.

ie: If you registered as a normal member (limited functions eg: read only access on the site) your status might be set to "2".
If you are an aministrator you might set your "status" field to "1".

Then you can run statements such as

if $status != "1"
//display arror message or redirect to another page
else
draw the admin table to edit users details / delete user etc


or something like that!

On the other hand, you could simply create another table and call it "admin"... this would keep it seperate from the normal members table.

Look out for Lindsets article, and this could be linked in very nicely!!

yeah, i would definately need to have admins put aside from the normal users. how would i display different menus & options for the admins?

Check out Lindset's article on Authentication... it will answer any questions you have.

I took a look and don't think it is what I mean. In my database, I would require everyone to login. People with Super Admin status could have more features then someone who has regular admin status. Likewise, someone with regular access has only the basic features.

What you can do is similar to what Lindset said:

Users Table
userId | userGroupId | userName | userEmail | etc etc etc...

Group Table
groupId | groupName

You can add another column "userLevel" to the Users table which determines their access level. Those with level 1 have access to Super Admin areas, those with 2 have admin access, and all others have "user" access.

When you're authenticating a user for login access, also check their access level... On each page you want to block for "Super Admin", have an if statement to verify their access level:

if ($userLevel > 1){
// output msg to advise they don't have enough access
} else {
// grant access
}


... Just a suggestion!

yeah, I agree with FrankieShakes... at the top of each page which requires "super member" status.. add code as Frankie says.

What I do is when the user logs in or registers, the "member status" field is returned to a session variable, then at the top of every page I check the value of that variable.

I think this is a secure way of checking the user status..?

If you use cookies to validate the user.......I believe that people can change cookies on their computer to allow them to have full access to a site...but I might be wrong?!

I wouldn't mind some advice on the security issue.... is a session variable secure? or can the value be changed??!

Yeah, I was thinking of doing what FrankieShakes said, however what I mean is after everyone logs in, they get taken to index.php or something. Yet people with Level 1 (Super Admin) would see a different menu with more options then a Level 3 (Regular) would.

War-Angel,

In your statement that checks if the user has "super admin" access, you would just put an include statement:

include("superadmin.php");

so...

if (userlevel = 'superadmin')
{ include("superadmin.php"); }
if (userlevel = 'regular)
{ include("normal.php"); }

Like that?

that way is probably the best.... for security purposes.. but I have only one menu (menu.php) and at the top I work out what the users membership rights are...

then I use simple if statements to decide if the button is drawn...

so:

if member is superadmin
//draw button
else
//dont draw button


then the next button would be the same etc etc...

I agree with wAr-AnGeL in that using includes might be better... but I am layzeee so I used one file... so I didnt need to update two seperate files if I change colours etc etc....!!

Fakker,

You would probably save a lot of time and hasssle if you used an include... for changing colors, link the page to an external stylesheet (CSS). This way any changes are done to one file, but the changes affect multiple pages.

aaah of course!

cheers!!!!