I have an admin with 5 or 6 user types (admins, users, partners, curators, vendors, etc.) each can have access to different pages as well as different functions within a page. Wondering what best practices might be in designing a methodology for this with least amount of if statements, which is pretty much how I handle it now.
I have been a PHP developer for 13 years and have experience building enterprise applications.
What framework are you using? Most PHP frameworks have a built in authentication and authorization mechanism. For example, Yii has a builtin RBAC system that allow you to define a hierarchical permission system.
If you're not using a framework or you just want to implement your own system for whatever reason then you can utilize Object Oriented Design and implement a Base controller (if MVC) that checks the permission for each request. That won't use a lot of if statements.
Probably need more info, to give definitive guidance. Hope that helps.