How can PHP sessions be used to store not only user login status but also user roles for access control?

To store user roles for access control in PHP sessions, you can set a session variable for the user's role after they log in. This session variable can then be checked on protected pages to determine if the user has the necessary role to access the content.

// After successful login, set the user&#039;s role in a session variable
$_SESSION[&#039;user_role&#039;] = &#039;admin&#039;;

// On protected pages, check the user&#039;s role before allowing access
if ($_SESSION[&#039;user_role&#039;] !== &#039;admin&#039;) {
    // Redirect the user or display an error message
    header(&quot;Location: unauthorized.php&quot;);
    exit();
}

Keywords

PHP sessions user login status user roles access control session variables

How can PHP sessions be used to store not only user login status but also user roles for access control?

Keywords

Related Questions