Demonic Posted October 10, 2006 Share Posted October 10, 2006 [code]<?phpob_start();include "config.php";session_start();if($logged[level] == 5){$_SESSION['auth'] = true;}else{$_SESSION['auth'] = false;}if($_SESSION['auth'] == true){//show some stuff}elseif($_SESSION['auth'] == false){include "login.php";}?>[/code]config.php includes cookie would this possible work outWhat im trying to manage is to check if a user is an administrator then use a session to tell the page that he is allowed to view the page else he can not view the page and it shows login page.Can someone tell me if this is correct. Link to comment Share on other sites More sharing options...
printf Posted October 10, 2006 Share Posted October 10, 2006 It depends...Where is the array $logged being set?, also where is the session being started? Other than those questions, why do you quote your session elements and not your $logged array elements.me! Link to comment Share on other sites More sharing options...
Demonic Posted October 10, 2006 Author Share Posted October 10, 2006 because I simply stated:[quote]config.php includes cookie would this possible work out[/quote]meaning $logged is a cookieand it does saysession_start();Oh and about the $logged not being quoted its a whilestatement in my config.php[code]<?phpob_start();mysql_connect("localhost","root","*******") or die(mysql_error());mysql_select_db("************") or die(mysql_error());$cookieid = htmlspecialchars($_COOKIE[uid]);$cookiepass = htmlspecialchars($_COOKIE[upass]);$logged = mysql_query("SELECT * FROM users WHERE id='$cookieid' AND password='$cookiepass' ");$logged = mysql_fetch_array($logged);?>[/code] Link to comment Share on other sites More sharing options...
printf Posted October 10, 2006 Share Posted October 10, 2006 If you already set the cookie in config then why do you need ob_start(); You use ob_... functions when you need to hold content because later you may send a cookie or other header. I don't see any output happening so why do you have it. Other than that, the way you have it is fine as long as the cookie has been validated. I don't see where the cookie is coming from so there is no way to tell if that logic is sound.me! Link to comment Share on other sites More sharing options...
Demonic Posted October 10, 2006 Author Share Posted October 10, 2006 [quote=me]<?phpob_start();mysql_connect("localhost","root","*******") or die(mysql_error());mysql_select_db("************") or die(mysql_error());$cookieid = htmlspecialchars($_COOKIE[uid]);$cookiepass = htmlspecialchars($_COOKIE[upass]);$logged = mysql_query("SELECT * FROM users WHERE id='$cookieid' AND password='$cookiepass' ");$logged = mysql_fetch_array($logged);?>[/quote]Thats where cookie is coming from^config.php fileso other then what you said abuot the ob_start(); im fine? Link to comment Share on other sites More sharing options...
trq Posted October 10, 2006 Share Posted October 10, 2006 I think what printf is getting at is that your code is syntactically (is that even a word?) terrible, but the idea should work. Your initial code should have looked more like...[code=php:0]<?phpob_start();include "config.php";session_start();if ($logged['level'] == 5) { $_SESSION['auth'] = true;} else { $_SESSION['auth'] = false;}if ($_SESSION['auth']) { //show some stuff} else { include "login.php";}?>[/code] Link to comment Share on other sites More sharing options...
Demonic Posted October 10, 2006 Author Share Posted October 10, 2006 Ok, But you aint have to be so mean about it. Could of just said I think he means that your coding is incorrect. and posted code. -_- Link to comment Share on other sites More sharing options...
eXodus Posted October 10, 2006 Share Posted October 10, 2006 EDITED BY eXodus: Curb your tongue [b]thorpe[/b]. Link to comment Share on other sites More sharing options...
trq Posted October 10, 2006 Share Posted October 10, 2006 [quote]But you aint have to be so mean about it[/quote]Sorry... didn't intend it to be meen. Link to comment Share on other sites More sharing options...
Recommended Posts