MyBB Community Forums

MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.6 > 1.6 General Support > Check Whether User is in a Certain Group
Full Version: Check Whether User is in a Certain Group
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

Flawless

2014-11-05, 05:28 PM
I'm developing a custom page where I only want certain groups to be able to access. Inside my PHP file, I'm trying to have the script check whether the user is part of a group, if not then an error_no_permission occurs. Here is my code that isn't working so far:

global $db, $mybb;


if ($mybb->user['usergroup'] != 4 || $mybb->user['usergroup'] != 6|| $mybb->user['usergroup'] != 3 ) 
{
error_no_permission();
}

If I have it just check if the user is an admin:

global $db, $mybb;



if ($mybb->user['usergroup'] != 4) 
{
error_no_permission();
}

The code works fine. It's when I'm trying to check a few different groups.

Any help is appreciated!

Darth Apple

2014-11-05, 05:34 PM
I generally just write my own function for my plugins. If you are trying to check the user who is viewing the page, the following should work. 

function check_permissions ($allowed_groups) {
	global $mybb;
	
	if (empty($allowed_groups)) {
		return false; // no need to check for permissions if no groups are allowed. 
	}
	if ($allowed_groups == "-1") {
		return true; // no need to check for permissions if all groups are allowed. 
	}
	$usergroup = $mybb->user['usergroup'];
	$allowed = explode(",", $allowed_groups);
	$groups = array();
	$groups[0] = (int)$usergroup; 
	$add_groups = explode(",", $mybb->user['additionalgroups']);
	$count = 1;
	foreach($add_groups as $new_group) {
		$groups[$count] = $new_group;
		$count++;
	}
	foreach ($allowed as $allowed_group) {
		if (in_array($allowed_group, $groups)) {
			return true;
		}
	}
	return false;
}

If you are trying to check the permissions for a user who may or may not be the viewer of the page, the following should work: 

function check_permissions ($allowed_groups, $usergroup, $additionalgroups) {
	global $mybb;
	
	if (empty($allowed_groups)) {
		return false; // no need to check for permissions if no groups are allowed. 
	}
	if ($allowed_groups == "-1") {
		return true; // no need to check for permissions if all groups are allowed. 
	}

	$allowed = explode(",", $allowed_groups);
	$groups = array();
	$groups[0] = (int)$usergroup; 
	$add_groups = explode(",", $additionalgroups);
	$count = 1;
	foreach($add_groups as $new_group) {
		$groups[$count] = $new_group;
		$count++;
	}
	foreach ($allowed as $allowed_group) {
		if (in_array($allowed_group, $groups)) {
			return true;
		}
	}
	return false;
}

I'm sure there is a cleaner way to do this, but that's how I do it in my plugins. The groups are passed as strings, so $allowed_groups might be something like "3,4,6" for example.

Flawless

2014-11-05, 07:08 PM
Thanks for the reply. So if I use your first answer, I would call the function by performing: check_permissions("3,4,6,12");

After I do that, would I then check if it returned true by doing something like this?

if(check_permissions() == true)
{
   //Show the page
}
else
{
 $error_no_permission;
}

Thank you very much.

Darth Apple

2014-11-05, 07:12 PM
Yep, pretty much. In fact, the error_no_permission() and error() functions stop execution and output the page, so you could really do something like this: 

if(!check_permissions("3,4,6,12"))
{
   error("you do not have access to view this page"); 
}
MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.6 > 1.6 General Support > Check Whether User is in a Certain Group