First, create a new field in your users_tab named "tables_user". This field is where you will enter the allowed table(s) per user separated by commas.
In check_login.php, edit the code below adding the bold line:
// if the user type correspond to the administrator type
if ($_SESSION['logged_user_infos_ar']['user_type_user'] === $users_table_user_type_administrator_value) {
$current_user_is_administrator = 1;
$enable_authentication = 0;
In business_logic.php, locate the function named build_tables_names_array and add the bold parts shown below:
function build_tables_names_array($exclude_not_allowed = 1, $exclude_not_installed = 1, $inlcude_users_table = 0)
// goal: build an array ($tables_names_ar) containing the names of the tables of the db, excluding the internal tables, get the list from $table_list_name tab if $exclude_not_installed = 1, otherwise directly from the DBMS
// input: $exclude_not_allowed (1 if the tables excluded by the user are excluded), $exclude_not_installed (1 if the tables not installed are excluded), $inlcude_users_table (1 if it is necessary to include the users table, even if the user is not admin (useful in admin.php)
// output: $tables_names_ar
{
global $conn, $db_name, $prefix_internal_table, $table_list_name, $quote, $users_table_name, $current_user_is_administrator, $dbms_type, $current_user;
..... rest of code of function .....
$z++;
} // end if
} // end for
} // end else
if($current_user && $current_user_is_administrator === 0) {
$sql = "SELECT tables_user FROM ".$quote.$users_table_name.$quote." WHERE username_user = '$current_user'";
$res = execute_db($sql, $conn);
$row = fetch_row_db($res);
$usertables = $row[0];
if ($usertables) { $tables_names_ar = explode(",", $usertables); }
}
return $tables_names_ar;
} // end build_tables_names_array function
To have ONLY the allowed tables displayed per user (or none if only one table), make the following bold changes to the build_installed_table_infos_ar function:
function build_installed_table_infos_ar($only_include_allowed, $exclude_users_tab_if_not_admin)
// goal: build an an array containing infos about dadabik installed tables
// input: $only_include_allowed (0|1) $exclude_users_tab_if_not_admin(0|1)
// output: the array
{
global $table_list_name, $users_table_name, $conn, $quote, $current_user_is_administrator, $current_user;
..... rest of code .....
$i=0;
$sqltable = "SELECT tables_user FROM users_tab WHERE username_user = '".$current_user."'";
$disptable = execute_db($sqltable, $conn);
$row2 = fetch_row_db($disptable);
$usertables = $row2[0];
$disptbl = array();
if ($usertables) { $disptbl = explode(",", $usertables); }
while ($row = fetch_row_db($res)) {
if (($current_user_is_administrator === 1 || $row['name_table'] !== $users_table_name || $exclude_users_tab_if_not_admin === 0) && (in_array($row['name_table'],$disptbl))) {
..... rest of code .....
return $installed_table_infos_ar;
} // end function build_installed_table_infos_ar()
That's it - copy/paste the code as outlined and you should be in business.
In check_login.php, edit the code below adding the bold line:
// if the user type correspond to the administrator type
if ($_SESSION['logged_user_infos_ar']['user_type_user'] === $users_table_user_type_administrator_value) {
$current_user_is_administrator = 1;
$enable_authentication = 0;
In business_logic.php, locate the function named build_tables_names_array and add the bold parts shown below:
function build_tables_names_array($exclude_not_allowed = 1, $exclude_not_installed = 1, $inlcude_users_table = 0)
// goal: build an array ($tables_names_ar) containing the names of the tables of the db, excluding the internal tables, get the list from $table_list_name tab if $exclude_not_installed = 1, otherwise directly from the DBMS
// input: $exclude_not_allowed (1 if the tables excluded by the user are excluded), $exclude_not_installed (1 if the tables not installed are excluded), $inlcude_users_table (1 if it is necessary to include the users table, even if the user is not admin (useful in admin.php)
// output: $tables_names_ar
{
global $conn, $db_name, $prefix_internal_table, $table_list_name, $quote, $users_table_name, $current_user_is_administrator, $dbms_type, $current_user;
..... rest of code of function .....
$z++;
} // end if
} // end for
} // end else
if($current_user && $current_user_is_administrator === 0) {
$sql = "SELECT tables_user FROM ".$quote.$users_table_name.$quote." WHERE username_user = '$current_user'";
$res = execute_db($sql, $conn);
$row = fetch_row_db($res);
$usertables = $row[0];
if ($usertables) { $tables_names_ar = explode(",", $usertables); }
}
return $tables_names_ar;
} // end build_tables_names_array function
To have ONLY the allowed tables displayed per user (or none if only one table), make the following bold changes to the build_installed_table_infos_ar function:
function build_installed_table_infos_ar($only_include_allowed, $exclude_users_tab_if_not_admin)
// goal: build an an array containing infos about dadabik installed tables
// input: $only_include_allowed (0|1) $exclude_users_tab_if_not_admin(0|1)
// output: the array
{
global $table_list_name, $users_table_name, $conn, $quote, $current_user_is_administrator, $current_user;
..... rest of code .....
$i=0;
$sqltable = "SELECT tables_user FROM users_tab WHERE username_user = '".$current_user."'";
$disptable = execute_db($sqltable, $conn);
$row2 = fetch_row_db($disptable);
$usertables = $row2[0];
$disptbl = array();
if ($usertables) { $disptbl = explode(",", $usertables); }
while ($row = fetch_row_db($res)) {
if (($current_user_is_administrator === 1 || $row['name_table'] !== $users_table_name || $exclude_users_tab_if_not_admin === 0) && (in_array($row['name_table'],$disptbl))) {
..... rest of code .....
return $installed_table_infos_ar;
} // end function build_installed_table_infos_ar()
That's it - copy/paste the code as outlined and you should be in business.