Topic: User Access Levels
This is an extract from the file CONFIG.PHP regarding the User Access Levels:
"Security Group definitions - Depending on the AccessLevel of the user defined in the user set up the areas of functionality accessible can be modified.
Each AccessLevel is associated with an array containing the security categories that the user is entitled to access Each script has a particular security category associated with it.
If the security setting of the page is contained in the security group as determined by the access level then the user will be allowed access.
Each page has a $page_security = x; variable
This value is compared to contents of the array applicable which is based on the access level of the user.
Access authorisation is checked in header.inc this is where _SESSION["AccessLevel"] is the index of the security_groups array. If you wish to add more security groups with then you must add a new SecurityHeading to the security_headings array and a new array of Security categories to the Security Groups array
This mechanism allows more fine grained control of access security_groups is an array of arrays
The index is the order in which the array of allowed pages is defined new ones can be defined at will or by changing the numbers in each array the security access can be tailored. These numbers need to read in conjunction with the Page Security index"
$security_headings = array( _("Inquiries"), _("Accountant"), _("System Administrator") ); $security_groups = array( array(1,2), array(1,2,3,4,5,6,7,8,9,10,11,12,13,14), array(1,2,3,4,5,6,7,8,9,10,11,12,13,14,15) );
As you can see there are 3 levels of User Access Levels at present. The corresponding arrays shows which pages a user can access. Every page has its own security level.