mrMarcus Posted October 25, 2009 Share Posted October 25, 2009 change === to == Quote Link to comment Share on other sites More sharing options...
mrMarcus Posted October 25, 2009 Share Posted October 25, 2009 thing is, `level` is coming out of the db as a string, and using === is returning false because you are comparing a string to an integer. you can either do this: $_SESSION['level'] = (int)$level; //adding (int) will turn the numeric value from a string into an integer; then, === would return true; -OR- if ($_SESSION['level'] == '1') { compare $_SESSION['level'] to a numeric string retaining == as your comparable operator. Quote Link to comment Share on other sites More sharing options...
kaiman Posted October 25, 2009 Author Share Posted October 25, 2009 Yes! Finally got it working, he he! FYI, I changed my session stuff to this to get it to run correctly: if ($_SESSION['level'] == '1') { Thanks mrMarcus and others for all your help! The next question is - How do I do a check to make sure that regular users can't see admin pages, etc. So far I have this basic session check: <?php session_start(); if(!isset($_SESSION['username'])){ header("Location: http://www.example.com/login/" ); exit; } ?> How would I check for levels? Would something like this work? <?php // admin session check session_start(); if(!isset($_SESSION['username'])){ header("Location: http://www.example.com/login/" ); exit; } else ($_SESSION['level'] < 4) { echo "You Don't Have Permission to View an Admin Page"; exit (0); } ?> or do I need to pull the array from the db and register the $_SESSION 'level' again? Thanks a ton! kaiman Quote Link to comment Share on other sites More sharing options...
Andy-H Posted October 25, 2009 Share Posted October 25, 2009 Yes, that should work fine, I would advise casting to an integer before comparing to one with the less than operator. session_start(); if (!isset($_SESSION['username'])) { header('Location: http://www.example.com/login/'); exit; } if ( (int)$_SESSION['level'] < 4) { die('You do not have permission to view an Admin page'); } I would also advise you to rethink the level you have set for banned users. Or atleast direct them to a banned page, echo an explanation of why they have been banned and destroy their session upon login. Quote Link to comment Share on other sites More sharing options...
kaiman Posted October 25, 2009 Author Share Posted October 25, 2009 Thanks, I'll give this a try... BTW - I've been thinking the same thing... How about a user level scheme more like this one? 0 = banned user 1 = guest 2 = user - default 3 = author 4 = moderator 5 = admin Quote Link to comment Share on other sites More sharing options...
Andy-H Posted October 25, 2009 Share Posted October 25, 2009 That looks fine to me Quote Link to comment Share on other sites More sharing options...
kaiman Posted October 25, 2009 Author Share Posted October 25, 2009 * SOLVED * Thanks to everyone who has helped me sort this out over the past 24 hours... Cheers! kaiman Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.