Storing access privileges in the user database
This building block is required only if you want certain logged-in users to have different access privileges. If you simply require users to log in, then you dont need to store access privileges.
If you want certain logged-in users to have different access privileges, make sure your database table of users contains a column specifying each users access privileges (Guest, User, Administrator, and so on). The access privileges of each user should be entered in the database by the site administrator.
In most database applications, you can set a column to a default value each time a new record is created. Set the default value to the most common access privilege on your site (for example, Guest); then manually change the exceptions (for example, changing Guest to Administrator). The user now has access to all administrator pages.
Make sure each user in the database has a single access privilege, such as Guest or Administrator, not multiple privileges like "User, Administrator". If you want to set multiple access privileges for your pages (for example, all guests and administrators can see this page), then set those privileges at the page level, not the database level.
- Redirecting unauthorized users to another page