Drupal user access role function

This is a little function that can be used like user_access but for checking if the user is in some role.

* Check if user has role
* @param unknown_type $role
* @return unknown
function _user_has_role($role) {
global $user;

if (is_string($role)) {
$role = array($role);

foreach ($role as $key => $role_name) {
if (in_array($role_name, $user->roles)) {
return TRUE;

return FALSE;


//implementation of has one of the roles
if (_user_has_role(array('sales', 'management', 'admin'))) {
//some actio

Drupal filesystem permissions

Here are the basic permissions of an Drupal 6.x installation, after you have let Drupal write to your settings file. During the installation you have to have the permissions set to 755 to let Drupal write to the settings.php file. An easy way to check if your site is secure is to go to the status page (admin/reports/status).