jigsawsoul Posted January 16, 2010 Share Posted January 16, 2010 OR ||, is not working if i run them on there own with out the OR they work fine, but when running them together like below admin doesn't work i just don't get logged in, just kicks me out, has no errors though. any help please function sessionAuthenticate ( ) { // Are you loged in is admin, when trying to asscess this page if (!isset($_SESSION["admin"]) || !isset($_SESSION["staff"])) { // Set error message $_SESSION["message"] = "<div class='error'>You are not authorised to access the URL: <br> {$_SERVER["REQUEST_URI"]}</div>"; // After error message move to login.php header ("Location: login.php"); exit; } } Quote Link to comment https://forums.phpfreaks.com/topic/188704-or-not-working-help-please/ Share on other sites More sharing options...
ShadowIce Posted January 16, 2010 Share Posted January 16, 2010 function sessionAuthenticate ( ) { // Are you loged in is admin, when trying to asscess this page if (isset($_SESSION["admin"]) == 0 || isset($_SESSION["staff"]) == 0) { // Set error message $_SESSION["message"] = "<div class='error'>You are not authorized to access the URL: <br> {$_SERVER["REQUEST_URI"]}</div>"; // After error message move to login.php header ("Location: login.php"); exit; } } try that! good luck! also, you spelled "authorised" wrong. it's "authorized" Quote Link to comment https://forums.phpfreaks.com/topic/188704-or-not-working-help-please/#findComment-996163 Share on other sites More sharing options...
jigsawsoul Posted January 16, 2010 Author Share Posted January 16, 2010 using the above code i have the same problem, i can loggin as a staff member but not as an admin. admin just returns me back to the login page displaying the error message. I thought the session my not be set to anything but when running the below code, i can login as an admin fine. function sessionAuthenticate ( ) { // Are you loged in is admin, when trying to asscess this page if (isset($_SESSION["admin"]) == 0) { // Set error message $_SESSION["message"] = "<div class='error'>You are not authorized to access the URL: <br> {$_SERVER["REQUEST_URI"]}</div>"; // After error message move to login.php header ("Location: login.php"); exit; } } but i need staff to be able to login too. so i using this code. adding OR || function sessionAuthenticate ( ) { // Are you loged in is admin, when trying to asscess this page if (isset($_SESSION["admin"]) == 0 || isset($_SESSION["staff"]) == 0) { // Set error message $_SESSION["message"] = "<div class='error'>You are not authorized to access the URL: <br> {$_SERVER["REQUEST_URI"]}</div>"; // After error message move to login.php header ("Location: login.php"); exit; } } but now i can't loggin as an admin, just staff, admin returns to loggin with the error message. Quote Link to comment https://forums.phpfreaks.com/topic/188704-or-not-working-help-please/#findComment-996167 Share on other sites More sharing options...
ShadowIce Posted January 16, 2010 Share Posted January 16, 2010 function sessionAuthenticate ( ) { // Are you logged in is admin, when trying to access this page? if (isset($_SESSION["admin"]) == 0 || isset($_SESSION["staff"]) == 0) { // Set error message $_SESSION["message"] = "<div class='error'>You are not authorized to access the URL: <br> {$_SERVER["REQUEST_URI"]}</div>"; // After error message move to login.php header ("Location: login.php"); exit; //Else you are logged in as a staff or the admin }else if (isset($_SESSION["admin"]) == 1 || (isset($_SESSION["staff"]) == 0)){ header ("Location: admin.php"); } } Quote Link to comment https://forums.phpfreaks.com/topic/188704-or-not-working-help-please/#findComment-996171 Share on other sites More sharing options...
hamza Posted January 16, 2010 Share Posted January 16, 2010 if iam not wrong then i heard something about isset() function that it do not work as expected sometime. i suggest you to use empty() in this check. if (empty($_SESSION["admin"]) == 0 || empty($_SESSION["staff"]) == 0) Quote Link to comment https://forums.phpfreaks.com/topic/188704-or-not-working-help-please/#findComment-996179 Share on other sites More sharing options...
jigsawsoul Posted January 16, 2010 Author Share Posted January 16, 2010 if (empty($_SESSION["admin"]) == 0 || empty($_SESSION["staff"]) == 0) doesn't work at all, using this no one can login. as for ShadowIce code example. i don't want to go to a admin page, admin and staff see the same page, just admin has a different menu then staff anyone help why me Quote Link to comment https://forums.phpfreaks.com/topic/188704-or-not-working-help-please/#findComment-996191 Share on other sites More sharing options...
jigsawsoul Posted January 16, 2010 Author Share Posted January 16, 2010 f_login.php <?php function authenticateUser ($username, $password) { $result = "SELECT * FROM web_login WHERE username = '$username' AND password = '$password'"; $result = mysql_query ($result) or die (mysql_error()); $row = mysql_fetch_assoc ($result); if (mysql_num_rows($result) == 1){ switch ($row['userlevel']) { case "1": // The username and password match, // Set the session as ADMIN. $_SESSION['admin'] = true; $_SESSION['login_id'] = $row['login_id']; $_SESSION['username'] = $username; // After login move logged in page header ('Location: index.php'); break; case "2": // The username and password match, // Set the session as USER. $_SESSION['staff'] = true; $_SESSION['login_id'] = $row['login_id']; $_SESSION['username'] = $username; // After login move loged in page header ('Location: index.php'); break; } } else { // The username and password doesn't match // Set error message $_SESSION["message"] = '<div class="error">Login failed. Please try again or <a href="recover.php">reset your password</a>.</div>'; // After error message move to login.php header ('Location: login.php'); } } function sessionAuthenticate ( ) { // Are you loged in is admin, when trying to asscess this page if (isset($_SESSION["admin"]) == 0 || isset($_SESSION["staff"]) == 0) { // Set error message $_SESSION["message"] = "<div class='error'>You are not authorized to access the URL: <br> {$_SERVER["REQUEST_URI"]}</div>"; // After error message move to login.php header ("Location: login.php"); exit; } } ?> login2.php <?php session_start(); include ('_library/opendb.php'); include ('_functions/f_login.php'); $username = $_POST['username']; $password = $_POST['password']; authenticateUser ($username, $password); ?> index.php <?php session_start(); include ("_library/opendb.php"); include ("_functions/f_login.php"); sessionAuthenticate( ); ?> <!-- Page Header --> <?php include("_template/header.php") ?> <body> <div id="body-wrapper"> <div id="sidebar"><div id="sidebar-wrapper"> <!-- Sidebar Profile links --> <?php include("_template/profile-links.php") ?> <!-- Sidebar Main Navigation --> <?php include("_template/main-nav.php") ?> <!-- Sidebar Inbox Message --> <?php include("_template/messages.php") ?> </div></div> <!-- End #sidebar --> <div id="main-content"> <!-- No Javascript Enabled --> <?php include("_template/no-js.php") ?> <!-- Page Footer --> <?php include("_template/page-head.php") ?> <!-- Page Footer --> <?php include("_template/footer.php") ?> </div> <!-- End #main-content --> </div> </body> </html> <?php include ("_library/closedb.php") ?> Here's the full code, maybe the mistake is no another page? i don't see anything wrong. help help please Quote Link to comment https://forums.phpfreaks.com/topic/188704-or-not-working-help-please/#findComment-996205 Share on other sites More sharing options...
jigsawsoul Posted January 16, 2010 Author Share Posted January 16, 2010 anyone ? Quote Link to comment https://forums.phpfreaks.com/topic/188704-or-not-working-help-please/#findComment-996219 Share on other sites More sharing options...
phonydream Posted January 16, 2010 Share Posted January 16, 2010 Try: if (!(isset($_SESSION["admin"])) || (!(isset($_SESSION["staff"]))) Quote Link to comment https://forums.phpfreaks.com/topic/188704-or-not-working-help-please/#findComment-996225 Share on other sites More sharing options...
ignace Posted January 16, 2010 Share Posted January 16, 2010 i can loggin as a staff member but not as an admin. admin just returns me back to the login page displaying the error message. That's because of how || works. I assume you want to show the not-authorized message whenever someone tries to do something while not an admin nor a staff member. Try: function sessionAuthenticate ( ) { // Are you loged in is admin, when trying to asscess this page if (!isset($_SESSION["admin"]) && !isset($_SESSION["staff"])) { // Set error message $_SESSION["message"] = "<div class='error'>You are not authorised to access the URL: <br> {$_SERVER["REQUEST_URI"]}</div>"; // After error message move to login.php header ("Location: login.php"); exit; } } Quote Link to comment https://forums.phpfreaks.com/topic/188704-or-not-working-help-please/#findComment-996240 Share on other sites More sharing options...
oni-kun Posted January 16, 2010 Share Posted January 16, 2010 Yes, as ignace brought to light your logic was wrong. || means or, meaning if they are admin, it's asking 'If you're not admin OR not staff, exit.'. Is admin staff? No. Therefor it exits. Quote Link to comment https://forums.phpfreaks.com/topic/188704-or-not-working-help-please/#findComment-996246 Share on other sites More sharing options...
ignace Posted January 16, 2010 Share Posted January 16, 2010 For future reference create a binary table: a | b | -a | -b | -a+-b | -a.-b | 0 | 0 | 1 | 1 | 1 | 1 | 0 | 1 | 1 | 0 | 1 | 0 | 1 | 0 | 0 | 1 | 1 | 0 | 1 | 1 | 0 | 0 | 0 | 0 | -a+-b = !a||!b -a.-b = !a&&!b As you can see in the above table it only returns true when both !a & !b return true where !a || !b only returned false when both !a & !b were false Quote Link to comment https://forums.phpfreaks.com/topic/188704-or-not-working-help-please/#findComment-996260 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.