Forum Moderators: coopster
I'm just working on something and I'm stuck on working out the logical order/placement of something.
Now the best example for this is probably a community site where you can have galleries and profiles with different privacy settings.
Now say a user had their profile set to 'All' but a gallery set to 'friends only' where is the best way to 'challenge' the permissions of the incoming user? i.e they can view the profile but not the gallery. Would I be better of running the challenge on every gallery that is returned from the db or do you think a seperate 'privacy' class would be the best way to handle this?
I'd like to lean more toward the class way of doing this as their is already have user(currently logged in) and member(person viewing) classes so this could possibly extend one of them.
Many Thanks
So if your clients tend to be on the site for a long time, this may well work.
If people just tend to look at 3 or 4 pages then you may want to query the specific page against the user for each page load.
There may be a cunning way that you could store all of this in a cookie. However you need to look out for people tampering with there cookie. So this is not an ideal solution, but would cut down on database lookups.
The permissions themselves are stored in the database via the gallery table and differ for each gallery so it simply has an int value and depending on what member they are looking at they could have different permissions. So i think it needs to be queried for every gallery against the viewing user. I don't think it can be a cookie as you never know what members they will look at.
Thanks for the reply though.
