Rev 831 | Go to most recent revision | Blame | Compare with Previous | Last modification | View Log | RSS feed
Permissions in Phorum 5=======================This document describes the way the permission system of Phorum works.It is targeted at developers that need inside information on theAPI calls that are related to permission handling.Table of contents:1. Checking user permissions2. Modifying user permissions3. Some final notes1. Checking user permissions-------------------------------------------------------------------------------First and foremost, your code should use the function calledphorum_user_access_allowed() to check for a given user permissionin the current forum. However, if you find yourself needing to checkthe permisssion directly, here is some information.Permissions are stored using a bitmask. To check for a certain permission,simply use the bitwise AND (&) operator to match the permission against theuser's permissions.For example, if we want to check if a user has permission to reada particular forum, we would use the following if statement:if($PHORUM["user"]["permissions"] & PHORUM_USER_ALLOW_READ){// the user can read this forum} else {// the user can NOT read this forum}2. Modifying user permissions-------------------------------------------------------------------------------If you need to modify the permissions, use the bitwise OR (|) to adda permission or the bitwise XOR (^) to remove a permission. After youmake the change, save the user. Here is some example code:// add new topic permissions$PHORUM["user"]["permissions"] =$PHORUM["user"]["permissions"] | PHORUM_USER_ALLOW_NEW_TOPIC;phorum_user_save($PHORUM["user"]);// remove new topic permissions$PHORUM["user"]["permissions"] =$PHORUM["user"]["permissions"] ^ PHORUM_USER_ALLOW_NEW_TOPIC;phorum_user_save($PHORUM["user"]);3. Some final notes-------------------------------------------------------------------------------That should be all you need to know about the Phorum permission system.Here is some stuff that helped explain this to the other developers:> select (256 | 16);> That OR's the two numbers together.> you get 272> then:> select 16 & 272;> That returns 16.> So, in our data, the 272 represents what is in the database.> The 16 would be one of the permission constancts> Our constants would look like this:> define("PHORUM_USER_ALLOW_READ", 1);> define("PHORUM_USER_ALLOW_REPLY", 2);> define("PHORUM_USER_ALLOW_EDIT", 4);> define("PHORUM_USER_ALLOW_NEW_TOPIC", 8);> define("PHORUM_USER_ALLOW_UPLOAD", 16);> define("PHORUM_USER_ALLOW_ATTACH", 32);> define("PHORUM_USER_ALLOW_MODERATE_MESSAGES", 64);> define("PHORUM_USER_ALLOW_MODERATE_USERS", 128);> define("PHORUM_USER_ALLOW_FORUM_PROPERTIES", 256);> To give someone read and reply, we would set their perm to 1 | 2> Then, to check it, we would $user_perm_value & $perm == $perm> or in sql> where permission & $perm = $permAnother example to show that the = $perm can be left out:> select 1 | 2> read, reply> = 3> select 3 & 16> =0