06-21-2002, 12:42 PM
I have a forum that I've made but how would I go about checking for admin privlages on most pages. As to find it out I would take the username from the users cookie and find it in the database.
But it seems a bit repetitive to do this on each page - is there a way to create a function (similar to in VB) such as isAdmin(strUser) and return a boolean which could be called by each page?
Thanks for any help - this is confusing me slightly as how to go about it :)
06-21-2002, 12:56 PM
There is a bunch of ways you could do this. If there are only two possbile permissions (Admin and not an Admin), then you could do this:
Private Function IsAdmin(strUser)
"SELECT [User] " & _
"FROM [Users] " & _
"WHERE [UserType]='Admin' AND [User]='" & strUser & "'", adoCon,3,3,1
IsAdmin = (RS.RecordCount > 0)
Set RS = Nothing
'Call the function only one time per session. (Don't have to constantly
'keep opening the recordset
Session("IsAdmin") = IsAdmin(THE_USER)
06-21-2002, 01:16 PM
Thanks for that, I didn't know about the session command so thanks :)
but would that be in it's own asp file or in each asp file?
...if i just put it into the main page then if the user didn't load the main page their admin status wouldn't be known.
06-21-2002, 02:59 PM
You could implement it in the login portion of your page and then set the Session(IsAdmin) value there. That way, the recordset is only opened one time per session and not with every page load (very redundant).
That value is available over the entire scope of your site. So, in each page, you simply need to check the value of IsAdmin. Conceptually, I guess you could call it a "global variable".
It is important to note that, in IIS and PWS, the default session expiration time is 20 mins. You can set this to whatever you want with:Session.Timeout = 5Once the session expires, any session variables are gone. So, in your case, the person would lose Administrative capabilities.
06-21-2002, 03:09 PM
Right, thanks - i'm still very much in the learning stage, so learning things like that from the start can help :)