Thursday 15 July 2010

php - Better admin security -




I am trying to create my first CMS, and I have a question about security. Right now I have separated the admin area and the public area. The admin area is in a folder "admin", and the public area is in a folder "public". Both folders are in a folder "cms". In both folders there is, for example, a file called "index.php". The content is the same, but the admin's index.php has a few more features, for example: in the admin's navigation I have logout and settings options. Would it be better if, instead of 2 folders, I create 1 called "public", connect both "index.php" files into 1 file, and with $_SESSION add the additional features to the navigation? For example: if the admin is logged in, the session will show the settings and logout features in the navigation. When the user is logged out, he won't see the settings and logout features in the navigation, because they only show when the user has a session set. So, is it better and more secure to have separate admin and public folders, or is it the same if I put it all in 1 file?

In my CMS, I use the same page for the public, users, and admins.

The difference is in showing functionality based on the group.

I.e. normal visitors (public users) do not see anything except published content. If the visitor is signed in to an account, they see pieces here and there (i.e. profile image, personal info, change email/password). On the other hand, the admin has their own extras as well, such as managing users, messages, etc.

Of course, sometimes there are totally new things not shared between these 3 levels of privileges. In that case, I create a separate page for them...

The important thing here is to check the user group and, based on the group, display one part and hide another.

Something like:

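    <?php
    session_start();
    $group = $_SESSION['user_group'] ?? 0; // session key name is illustrative

    if ($group == 1) { // admin
        include 'admin_sidebar.php';
    } elseif ($group == 2) { // member
        echo '<a href="member_profile.php">Profile</a>'; // display member_profile.php link
    }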

Also, of course, you need to use sessions to handle the group after the user has logged in to the website.

Hope that helps...
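
The group check from the answer, as an added example that is not part of the original post: one function decides what the navigation shows, and a second one enforces the same group rule at the top of each restricted script, so the single-file layout does not depend on a link being hidden. The group ids 1 and 2 follow the answer; the constant names, the 'user_group' session key, group 0 for visitors, and the file names other than index.php and member_profile.php are assumptions.

```php
<?php
// Added example. Group ids 1 and 2 follow the answer; GROUP_PUBLIC, the
// 'user_group' session key, settings.php and logout.php are assumptions.
const GROUP_PUBLIC = 0;
const GROUP_ADMIN  = 1;
const GROUP_MEMBER = 2;

function current_group(array $session): int
{
    $g = filter_var($session['user_group'] ?? GROUP_PUBLIC, FILTER_VALIDATE_INT);
    // Missing, malformed or unknown values are treated as a public visitor.
    return in_array($g, [GROUP_ADMIN, GROUP_MEMBER], true) ? $g : GROUP_PUBLIC;
}

// Display decision: which navigation entries this group sees.
function nav_items(int $group): array
{
    $items = ['Home' => 'index.php'];
    if ($group === GROUP_MEMBER || $group === GROUP_ADMIN) {
        $items['Profile'] = 'member_profile.php';
        $items['Logout']  = 'logout.php';
    }
    if ($group === GROUP_ADMIN) {
        $items['Settings'] = 'settings.php';
    }
    return $items;
}

// Enforcement decision: call at the top of every script that performs a
// member or admin action. The navigation only controls what is displayed.
function require_group(array $session, int ...$allowed): void
{
    if (!in_array(current_group($session), $allowed, true)) {
        http_response_code(403);
        exit('Forbidden');
    }
}

// After a successful login (credential check not shown; session already started):
function on_login(int $group): void
{
    session_regenerate_id(true); // issue a new session id when privileges change
    $_SESSION['user_group'] = $group;
}

// Usage at the top of settings.php:
//   session_start();
//   require_group($_SESSION, GROUP_ADMIN);
```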

php mysql session login
