You would need to create a groups table and then intersect that table with the user table...
Example:
tbl_Groups GroupID
Group_Name
Group_Added
Group_Edited
tbl_Users UserID
Username
Password
tbl_Users_Groups UserID
GroupID
Then you should create a central CUSTOM TAG or a MODULE that would check the security.
Example (in your header file):
Code:
<cfif (isdefined("attributes.secure")) AND (#attributes.secure# eq "on") AND (isdefined("attributes.datasource"))>
<cfif (isdefined("client.userid")) AND (isnumeric(client.userid))>
<cfquery name="CheckSecurity" datasource="#attributes.datasource#">
SELECT G.GroupID, U.UserID
FROM tbl_Users_Groups UG INNER JOIN tbl_Users U ON U.UserID = UG.UserID
INNER JOIN tbl_Groups G ON G.GroupID = UG.GroupID
WHERE (UG.UserID = <cfqueryparam cfsqltype="CF_SQL_INTEGER" value="#client.userid#">) AND (UG.GroupID = <cfqueryparam cfsqltype="CF_SQL_INTEGER" value="#attributes.groupid#">)
</cfquery>
<cfif (#CheckSecurity.recordcount# eq 0)>
<cflocation url="error.cfm" addtoken="no">
<cfelse>
<cfoutput query="CheckSecurity">
<cfset client.userid = #UserID#>
<cfset client.groupid = #GroupID#>
</cfoutput>
</cfif>
<cfelse>
<cflocation url="login.cfm" addtoken="no">
</cfif>
</cfif>
Call to the header module:
Code:
<cfmodule template="header.cfm"
secure="on"
datasource="#ds#"
groupid="1"
>
All this was from the top of my head, so there may be some coding errors, but you should get the gist of it.
More examples and code assistance for CF can be found at:
http://www.cfhub.com/ ========================================
Buh Bye!
Cheers,
Me
