jigsawsoul Posted January 16, 2010 Share Posted January 16, 2010 OR ||, is not working if i run them on there own with out the OR they work fine, but when running them together like below admin doesn't work i just don't get logged in, just kicks me out, has no errors though. any help please function sessionAuthenticate ( ) { // Are you loged in is admin, when trying to asscess this page if (!isset($_SESSION["admin"]) || !isset($_SESSION["staff"])) { // Set error message $_SESSION["message"] = "<div class='error'>You are not authorised to access the URL: <br> {$_SERVER["REQUEST_URI"]}</div>"; // After error message move to login.php header ("Location: login.php"); exit; } } Link to comment https://forums.phpfreaks.com/topic/188704-or-not-working-help-please/ Share on other sites More sharing options...
ShadowIce Posted January 16, 2010 Share Posted January 16, 2010 function sessionAuthenticate ( ) { // Are you loged in is admin, when trying to asscess this page if (isset($_SESSION["admin"]) == 0 || isset($_SESSION["staff"]) == 0) { // Set error message $_SESSION["message"] = "<div class='error'>You are not authorized to access the URL: <br> {$_SERVER["REQUEST_URI"]}</div>"; // After error message move to login.php header ("Location: login.php"); exit; } } try that! good luck! also, you spelled "authorised" wrong. it's "authorized" Link to comment https://forums.phpfreaks.com/topic/188704-or-not-working-help-please/#findComment-996163 Share on other sites More sharing options...
jigsawsoul Posted January 16, 2010 Author Share Posted January 16, 2010 using the above code i have the same problem, i can loggin as a staff member but not as an admin. admin just returns me back to the login page displaying the error message. I thought the session my not be set to anything but when running the below code, i can login as an admin fine. function sessionAuthenticate ( ) { // Are you loged in is admin, when trying to asscess this page if (isset($_SESSION["admin"]) == 0) { // Set error message $_SESSION["message"] = "<div class='error'>You are not authorized to access the URL: <br> {$_SERVER["REQUEST_URI"]}</div>"; // After error message move to login.php header ("Location: login.php"); exit; } } but i need staff to be able to login too. so i using this code. adding OR || function sessionAuthenticate ( ) { // Are you loged in is admin, when trying to asscess this page if (isset($_SESSION["admin"]) == 0 || isset($_SESSION["staff"]) == 0) { // Set error message $_SESSION["message"] = "<div class='error'>You are not authorized to access the URL: <br> {$_SERVER["REQUEST_URI"]}</div>"; // After error message move to login.php header ("Location: login.php"); exit; } } but now i can't loggin as an admin, just staff, admin returns to loggin with the error message. Link to comment https://forums.phpfreaks.com/topic/188704-or-not-working-help-please/#findComment-996167 Share on other sites More sharing options...
ShadowIce Posted January 16, 2010 Share Posted January 16, 2010 function sessionAuthenticate ( ) { // Are you logged in is admin, when trying to access this page? if (isset($_SESSION["admin"]) == 0 || isset($_SESSION["staff"]) == 0) { // Set error message $_SESSION["message"] = "<div class='error'>You are not authorized to access the URL: <br> {$_SERVER["REQUEST_URI"]}</div>"; // After error message move to login.php header ("Location: login.php"); exit; //Else you are logged in as a staff or the admin }else if (isset($_SESSION["admin"]) == 1 || (isset($_SESSION["staff"]) == 0)){ header ("Location: admin.php"); } } Link to comment https://forums.phpfreaks.com/topic/188704-or-not-working-help-please/#findComment-996171 Share on other sites More sharing options...
hamza Posted January 16, 2010 Share Posted January 16, 2010 if iam not wrong then i heard something about isset() function that it do not work as expected sometime. i suggest you to use empty() in this check. if (empty($_SESSION["admin"]) == 0 || empty($_SESSION["staff"]) == 0) Link to comment https://forums.phpfreaks.com/topic/188704-or-not-working-help-please/#findComment-996179 Share on other sites More sharing options...
jigsawsoul Posted January 16, 2010 Author Share Posted January 16, 2010 if (empty($_SESSION["admin"]) == 0 || empty($_SESSION["staff"]) == 0) doesn't work at all, using this no one can login. as for ShadowIce code example. i don't want to go to a admin page, admin and staff see the same page, just admin has a different menu then staff anyone help why me Link to comment https://forums.phpfreaks.com/topic/188704-or-not-working-help-please/#findComment-996191 Share on other sites More sharing options...
jigsawsoul Posted January 16, 2010 Author Share Posted January 16, 2010 f_login.php <?php function authenticateUser ($username, $password) { $result = "SELECT * FROM web_login WHERE username = '$username' AND password = '$password'"; $result = mysql_query ($result) or die (mysql_error()); $row = mysql_fetch_assoc ($result); if (mysql_num_rows($result) == 1){ switch ($row['userlevel']) { case "1": // The username and password match, // Set the session as ADMIN. $_SESSION['admin'] = true; $_SESSION['login_id'] = $row['login_id']; $_SESSION['username'] = $username; // After login move logged in page header ('Location: index.php'); break; case "2": // The username and password match, // Set the session as USER. $_SESSION['staff'] = true; $_SESSION['login_id'] = $row['login_id']; $_SESSION['username'] = $username; // After login move loged in page header ('Location: index.php'); break; } } else { // The username and password doesn't match // Set error message $_SESSION["message"] = '<div class="error">Login failed. Please try again or <a href="recover.php">reset your password</a>.</div>'; // After error message move to login.php header ('Location: login.php'); } } function sessionAuthenticate ( ) { // Are you loged in is admin, when trying to asscess this page if (isset($_SESSION["admin"]) == 0 || isset($_SESSION["staff"]) == 0) { // Set error message $_SESSION["message"] = "<div class='error'>You are not authorized to access the URL: <br> {$_SERVER["REQUEST_URI"]}</div>"; // After error message move to login.php header ("Location: login.php"); exit; } } ?> login2.php <?php session_start(); include ('_library/opendb.php'); include ('_functions/f_login.php'); $username = $_POST['username']; $password = $_POST['password']; authenticateUser ($username, $password); ?> index.php <?php session_start(); include ("_library/opendb.php"); include ("_functions/f_login.php"); sessionAuthenticate( ); ?> <!-- Page Header --> <?php include("_template/header.php") ?> <body> <div id="body-wrapper"> <div id="sidebar"><div id="sidebar-wrapper"> <!-- Sidebar Profile links --> <?php include("_template/profile-links.php") ?> <!-- Sidebar Main Navigation --> <?php include("_template/main-nav.php") ?> <!-- Sidebar Inbox Message --> <?php include("_template/messages.php") ?> </div></div> <!-- End #sidebar --> <div id="main-content"> <!-- No Javascript Enabled --> <?php include("_template/no-js.php") ?> <!-- Page Footer --> <?php include("_template/page-head.php") ?> <!-- Page Footer --> <?php include("_template/footer.php") ?> </div> <!-- End #main-content --> </div> </body> </html> <?php include ("_library/closedb.php") ?> Here's the full code, maybe the mistake is no another page? i don't see anything wrong. help help please Link to comment https://forums.phpfreaks.com/topic/188704-or-not-working-help-please/#findComment-996205 Share on other sites More sharing options...
jigsawsoul Posted January 16, 2010 Author Share Posted January 16, 2010 anyone ? Link to comment https://forums.phpfreaks.com/topic/188704-or-not-working-help-please/#findComment-996219 Share on other sites More sharing options...
phonydream Posted January 16, 2010 Share Posted January 16, 2010 Try: if (!(isset($_SESSION["admin"])) || (!(isset($_SESSION["staff"]))) Link to comment https://forums.phpfreaks.com/topic/188704-or-not-working-help-please/#findComment-996225 Share on other sites More sharing options...
ignace Posted January 16, 2010 Share Posted January 16, 2010 i can loggin as a staff member but not as an admin. admin just returns me back to the login page displaying the error message. That's because of how || works. I assume you want to show the not-authorized message whenever someone tries to do something while not an admin nor a staff member. Try: function sessionAuthenticate ( ) { // Are you loged in is admin, when trying to asscess this page if (!isset($_SESSION["admin"]) && !isset($_SESSION["staff"])) { // Set error message $_SESSION["message"] = "<div class='error'>You are not authorised to access the URL: <br> {$_SERVER["REQUEST_URI"]}</div>"; // After error message move to login.php header ("Location: login.php"); exit; } } Link to comment https://forums.phpfreaks.com/topic/188704-or-not-working-help-please/#findComment-996240 Share on other sites More sharing options...
oni-kun Posted January 16, 2010 Share Posted January 16, 2010 Yes, as ignace brought to light your logic was wrong. || means or, meaning if they are admin, it's asking 'If you're not admin OR not staff, exit.'. Is admin staff? No. Therefor it exits. Link to comment https://forums.phpfreaks.com/topic/188704-or-not-working-help-please/#findComment-996246 Share on other sites More sharing options...
ignace Posted January 16, 2010 Share Posted January 16, 2010 For future reference create a binary table: a | b | -a | -b | -a+-b | -a.-b | 0 | 0 | 1 | 1 | 1 | 1 | 0 | 1 | 1 | 0 | 1 | 0 | 1 | 0 | 0 | 1 | 1 | 0 | 1 | 1 | 0 | 0 | 0 | 0 | -a+-b = !a||!b -a.-b = !a&&!b As you can see in the above table it only returns true when both !a & !b return true where !a || !b only returned false when both !a & !b were false Link to comment https://forums.phpfreaks.com/topic/188704-or-not-working-help-please/#findComment-996260 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.