Brian W Posted November 20, 2008 Share Posted November 20, 2008 Need help with this function to check user access level. User levels: Admin = 1, Moderator = 2, User = 3, Guest = 4 here is my function functions.php: //Check User Level function check($rank = "1, 2, 3", $mode ="home.php"){ session_start(); $rank_a = explode(',', $rank); if(!in_array($_SESSION['Group'], $rank_a)){ return header('Location: '.$mode); return die(); } } Okay, so it likely doesn't look right to you. Reason why is cuz it doesn't work. I place this in my header Home.php (Line 1): <?php include('functions.php'); check("1, 2, 3", 'SignIn.php'); ?> Any input appreciated. Thanks Quote Link to comment Share on other sites More sharing options...
Brian W Posted November 20, 2008 Author Share Posted November 20, 2008 Sorry, forgot to say what it is doing right now. "Nothing" it seriously just acts like I didn't even ask. Quote Link to comment Share on other sites More sharing options...
xtopolis Posted November 20, 2008 Share Posted November 20, 2008 Well, you are splitting on "," when the string is separated by ", " <-- notice the space you have between numbers. That may or may not be causing trouble. Also, you need to be sure that $_SESSION['Group'] contains a 1-4 value. Secondly, I don't think you need "return" before header if you're causing a header redirect... nor the return die() since a header redirect should make it never reach that point.. maybe just leave the die() in there. Thirdly, you could pass an array instead of string. Also, you should put at the top of the page: error_reporting(E_ALL); to see if it outputs any errors or warnings Quote Link to comment Share on other sites More sharing options...
networkthis Posted November 20, 2008 Share Posted November 20, 2008 $rank = "1"; if ($rank==1){ header("location: http://www.mapquest.com"); die(); } if ($rank==2){ header("location: http://www.monster.com"); die(); } if ($rank==3){ header("location: http://www.google.com"); die(); } if ($rank==4){ header("location: http://www.msn.com"); die(); } Quote Link to comment Share on other sites More sharing options...
Brian W Posted November 20, 2008 Author Share Posted November 20, 2008 Thanks for the reply, xtopolis. Well, the explode on "," I think is working because the in_array is returning true. Checking if the session value is between 1-4 is done by me defining the array of okay numbers. Here is my revision with an additional piece check for Username which does work. function check($rank = "1, 2, 3", $mode ="Home.php"){ session_start(); if($_SESSION['Username'] = '' || !isset($_SESSION['Username'])){header('Location: SignIn.php'); } $rank_a = explode(',', $rank); if(!(in_array($_SESSION['Group'], $rank_a))){ header('Location: '.$mode); } } I have the die() just in case the header() don't work, just in case. What do you mean by "you could pass an array instead of string"; E_ALL is set in my .ini on this server. But never hurts to suggest when trouble shooting. I'm 90% sure that I'm coming is as Group = 5. I'm going to run an experiment though. Quote Link to comment Share on other sites More sharing options...
xtopolis Posted November 20, 2008 Share Posted November 20, 2008 First, this code takes an array, and also has a default of an array for the argument $rank. Second, I ran into a scope problem when testing this function... I placed the var $g (in place of $_SESSION['Group']) outside the function, and above it, and it was not defined. So double check that $_SESSION['Group'] has the right value in your function. Third, you had some extra () btwn ! and in_array, perhaps removing them helps, perhaps not. <?php function check($rank = array('1', '2', '3'), $mode ="Home.php"){ session_start(); if($_SESSION['Username'] = '' || !isset($_SESSION['Username'])){header('Location: SignIn.php'); } if(!in_array($_SESSION['Group'], $rank)){ header('Location: '.$mode); } } check(array(1,2,3,4), 'SignIn.php'); ?> Quote Link to comment Share on other sites More sharing options...
Brian W Posted November 20, 2008 Author Share Posted November 20, 2008 Well, I'm definitely coming in with $_SESSION['Group'] = 5, so that's not it. I'd like not to have to make an array every time I want to use the function, so that is why I used explode which to my understanding makes an array out of the values. I've modified the script a bit function check($rank = "1, 2, 3", $mode ='Home.php'){ session_start(); if($_SESSION['Username'] = '' || !isset($_SESSION['Username']) || !isset($_SESSION['Group'])){header('Location: SignIn.php'); } $rank_a = explode(',', $rank); if(in_array($_SESSION['Group'], $rank_a) == FALSE){ header('Location: '.$mode); die(); } } Thanks again xtopolis. Appreciate the help. Quote Link to comment Share on other sites More sharing options...
xtopolis Posted November 20, 2008 Share Posted November 20, 2008 Ok, so I think I know what's up. (maybe) You're saying in this function: If the Group # is not in rank, redirect them to signup. However you're not giving them a condition if their number IS in the array. <?php function check($rank = "1, 2, 3", $mode ='Home.php'){ session_start(); if($_SESSION['Username'] = '' || !isset($_SESSION['Username']) || !isset($_SESSION['Group'])){header('Location: SignIn.php'); } $rank_a = explode(',', $rank); if(!in_array($_SESSION['Group'], $rank_a)){ header('Location: '.$mode); die(); }else{ header('Location: Home.php'); } } ?> Perhaps modify your function to take 2 argument urls, a success and failure url, success perhaps being home.php, and failure being signin.php. Or is that not it? I tested it with two simple pages as you described in your main post, and it seemed to function as written. Quote Link to comment Share on other sites More sharing options...
Brian W Posted November 20, 2008 Author Share Posted November 20, 2008 Well, the intent of the function is to be placed as the first item in ever page to be sure that people are signed in. If it were to redirect you to a new page if you are in the list, then that page would also need to be secured hence being pointless. lol The function should simply take no action if they are okay to be viewing the page. Question though, is session_start() allowed to be called in a function? I'm going to do some testing. Thanks again. Quote Link to comment Share on other sites More sharing options...
Brian W Posted November 20, 2008 Author Share Posted November 20, 2008 F***, you know how I said I was 90% sure, I was. That 10 percent nicked me in the ass I'd say. At some point, my wires got crossed and the Rank/Group was being pulled from the wrong column which when I signed in made the rank 1. F*** sorry for the waist of time. Thanks again xtopolis Quote Link to comment Share on other sites More sharing options...
xtopolis Posted November 20, 2008 Share Posted November 20, 2008 Ha, nice. Well then, it was working as written :3 Quote Link to comment Share on other sites More sharing options...
Brian W Posted November 20, 2008 Author Share Posted November 20, 2008 face, palm. forehead, desk. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.