Rather than a string to parse, store them as an array in $_SESSION
. This makes it much easier to modify individual permissions without having to do piles of string operations.
session_start();
$_SESSION['permissions'] = array();
$_SESSION['permissions']['dothis'] = TRUE;
$_SESSION['permissions']['dothat'] = FALSE;
$_SESSION['permissions']['doanother'] = TRUE;
Addendum
You might have figured this out already, but I thought I would add that it is easiest to interact with these via a few tiny functions. These will save a lot of typing (and typing errors), and make sure the values all end up as booleans.
function grant($permission) {
$_SESSION['permissions'][$permission] = TRUE;
}
function revoke($permission) {
$_SESSION['permissions'][$permission] = FALSE;
}
// Test if the user is allowed to do $permission
// FALSE if the permission isn't set
function user_can($permission) {
return isset($_SESSION['permissions'][$permission]) ? $_SESSION['permissions'][$permission] : FALSE;
}
The you can just call them as:
grant('dothis');
revoke('dothat');
if (user_can('doanother')) {
// congratulations you're allowed
}