Jump to content


Photo

no access


  • Please log in to reply
3 replies to this topic

#1 Blackicer

Blackicer
  • New Members
  • Pip
  • Newbie
  • 2 posts

Posted 07 September 2006 - 01:32 PM

ok, say you have a site and people want to gain access..

now, in your mysql database you have a field called level, in that level only those >5 can view the page. how do you stop others from viewing it. i dunno if i made that clear enough... but what i wanna do is granted the page(s) do exist.. just make it look like it don't exist.

#2 AdRock

AdRock
  • Members
  • PipPipPip
  • Advanced Member
  • 911 posts

Posted 07 September 2006 - 01:51 PM

you need to use sessions

Is the page only able to be viewed by people who have registered and have access level greater than 5?

On the page where you want to only allow level 5 access you use something like

session_start();
session_register("session");

if(!isset($session['userlevel'])=>5){
echo "<center><font face='Verdana' size='2' color=red>Sorry, you don't have sufficent access rights to use this page </font></center>";
exit;

I'm not sure if i got the =>5 bit in the right place but it's along those lines
}
If your topic has been solved, please mark the topic as SOLVED.

This helps others from identifying which topics need help still

#3 HuggieBear

HuggieBear
  • Members
  • PipPipPip
  • Advanced Member
  • 1,899 posts
  • LocationEngland, UK

Posted 07 September 2006 - 02:01 PM

That code's not quite right...

if(!isset($session['userlevel'])=>5){
echo "<center><font face='Verdana' size='2' color=red>Sorry, you don't have sufficent access rights to use this page </font></center>";
exit;

Notice the ! before the isset()... That means negative, so in essence you're saying "if the session isn't set, and is greater than 5"... That will always evaluate to false, as something that has no value can never be greater than 5.

Regards
Rich
Advice to MySQL users: Get phpMyAdmin and test your queries work there first, take half the hassle out of diagnosis, also check the reserved words list.

Links: PHP Docs :: RegEx's :: MySQL :: DevGuru :: w3schools

#4 HuggieBear

HuggieBear
  • Members
  • PipPipPip
  • Advanced Member
  • 1,899 posts
  • LocationEngland, UK

Posted 07 September 2006 - 02:09 PM

Try setting the session variable of 'userlevel' once a user's logged in and then use this...

<?php
if ((!isset($_SESSION['userlevel'])) || ($_SESSION['userlevel'] <= 5)){ // if the session's not set, or if it's less than or equal to 5
   header("Location: index.php"); // forward them to our homepage
}
?>

Regards
Rich
Advice to MySQL users: Get phpMyAdmin and test your queries work there first, take half the hassle out of diagnosis, also check the reserved words list.

Links: PHP Docs :: RegEx's :: MySQL :: DevGuru :: w3schools




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users