Greetings, let me explain my case:
Currently, in my system, users log in in order to work and see the options that correspond to their user profile. The problem is that I only validate whether the user has logged in; I do not validate whether the file the user has open is one they are allowed to see. Since that gap exists in my system, users have picked up the bad practice of copying the URL of a system file (one that only users with profile "X" can see) and pasting it into the address bar, and then they are working in an area they should not be in.
It is worth mentioning that, currently, the user profiles hide the menu options that users should not see, but if users copy and paste the URL they can still get in.
How can I avoid that?
Option 1: I have no problem assigning an identifier to each file of the system and storing in the database the list of files that each user can see, but I think it is too much work, since my system has approximately 1500 users and almost the same number of files (interface files).
Option 2: Another option that I have no problem implementing (and the one I most want to implement) is to store, in the user profile table, the identifiers of the system's files, and then, in the user interface, validate that the user's profile includes the open file by means of a specific identifier. Example:
formular1.php (has a constant with a value)
validar_perfil($idusuario,$idperfil,VALOR_CONSTANTE);
// This function would tell me whether the file identified by the value of CONSTANTE is in the profile catalog.
Basically the options are the same; what changes is that option 1 compares the file identifier against the catalog of files each user can see, and option 2 compares the file identifier against the profiles that have access to that file.
What is the best way? Am I complicating my life? Are there more proposals that you can offer me?
I will appreciate your help.
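
A sketch of Option 2 as a server-side check run at the top of every interface file (added example, not part of the original post). The tables `usuario` and `perfil_archivo`, the guard `exigir_acceso`, the extra `$db` argument to `validar_perfil` and the sample rows are assumptions made for illustration; the in-memory SQLite database stands in for the real profile tables.

```php
<?php
declare(strict_types=1);

// Constructed schema and rows for the demo; table and column names are assumptions.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE usuario (idusuario INTEGER PRIMARY KEY, idperfil INTEGER NOT NULL)');
$db->exec('CREATE TABLE perfil_archivo (idperfil INTEGER NOT NULL, archivo TEXT NOT NULL,
           PRIMARY KEY (idperfil, archivo))');
$db->exec("INSERT INTO usuario VALUES (10, 1), (20, 2)");
$db->exec("INSERT INTO perfil_archivo VALUES (1, 'FORMULAR1'), (2, 'FORMULAR1'), (2, 'FORMULAR2')");

// True only when the user really holds that profile AND the profile lists the file.
function validar_perfil(PDO $db, int $idusuario, int $idperfil, string $archivo): bool
{
    $stmt = $db->prepare(
        'SELECT 1 FROM usuario u
           JOIN perfil_archivo pa ON pa.idperfil = u.idperfil
          WHERE u.idusuario = ? AND u.idperfil = ? AND pa.archivo = ?'
    );
    $stmt->execute([$idusuario, $idperfil, $archivo]);
    return $stmt->fetchColumn() !== false;
}

// Guard called at the top of every interface file, before any output is sent.
function exigir_acceso(PDO $db, array $sesion, string $archivo): void
{
    if (!isset($sesion['idusuario'], $sesion['idperfil'])) {
        http_response_code(401);
        exit('Login required');
    }
    if (!validar_perfil($db, (int) $sesion['idusuario'], (int) $sesion['idperfil'], $archivo)) {
        // Log the refusal so pasted-URL attempts show up in review.
        error_log("access denied: user={$sesion['idusuario']} file=$archivo");
        http_response_code(403);
        exit('Forbidden');
    }
}

// In formular2.php the call would be:
//   const VALOR_CONSTANTE = 'FORMULAR2';
//   exigir_acceso($db, $_SESSION, VALOR_CONSTANTE);
// Demo: direct URL access to FORMULAR2 by constructed users; the last pair
// is user 10 presenting a profile id that is not theirs.
foreach ([[10, 1], [20, 2], [10, 2]] as [$u, $p]) {
    printf("user %d profile %d -> FORMULAR2: %s\n", $u, $p,
        validar_perfil($db, $u, $p, 'FORMULAR2') ? 'allow' : 'deny');
}
```

Because the mapping is per profile rather than per user, the table grows with the number of profiles and files, not with the 1500 users, and hiding menu entries becomes a convenience on top of this check rather than the control itself.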