ncurran217 Posted January 7, 2013 Share Posted January 7, 2013 I have worked up a login page and everything and works great, as well as on all the other pages set to if not logged in it will redirect to the login page. Code is here: <?php session_start(); if (!(isset($_SESSION['forteid']) && $_SESSION['forteid'] != '')) { header ("Location: login.php"); } ?> Now trying to add in certain pages where only certain access can access the page if not it will redirect back to the home page. This is what I have, but when not logged in and go to a page with this at the top, it just seems to skip over the first if (!isset) check: <?php session_start(); if (!(isset($_SESSION['forteid']) && $_SESSION['forteid'] != '')) { header ("Location: login.php"); } if (!(isset($_SESSION['accesslevel']) && $_SESSION['accesslevel'] != '1')) { header ("Location: noaccess.php"); } ?> I thought if else statement but not sure how to write that. Thanks for the help in advance! Quote Link to comment Share on other sites More sharing options...
requinix Posted January 7, 2013 Share Posted January 7, 2013 (edited) Using header() to redirect will not stop your script. It will keep on running. If that second condition also happened to match then the redirect to login.php will be overwritten with noaccess.php. Always exit; right after you send the header(). [edit] Also, does your logout process trash the entire session or just the forteid? It should get rid of everything. Edited January 7, 2013 by requinix Quote Link to comment Share on other sites More sharing options...
ncurran217 Posted January 7, 2013 Author Share Posted January 7, 2013 Thanks!!! Quote Link to comment Share on other sites More sharing options...
ncurran217 Posted January 7, 2013 Author Share Posted January 7, 2013 (edited) Using header() to redirect will not stop your script. It will keep on running. If that second condition also happened to match then the redirect to login.php will be overwritten with noaccess.php. Always exit; right after you send the header(). [edit] Also, does your logout process trash the entire session or just the forteid? It should get rid of everything. This is what I have for my logout.php page: <?php session_start(); session_destroy(); header("location: login.php"); exit() ?> Is that good? Or do you recommend something else? Edited January 7, 2013 by ncurran217 Quote Link to comment Share on other sites More sharing options...
requinix Posted January 7, 2013 Share Posted January 7, 2013 That's fine - as simple as it gets. Quote Link to comment Share on other sites More sharing options...
ncurran217 Posted January 7, 2013 Author Share Posted January 7, 2013 That's fine - as simple as it gets. Thanks again! Quote Link to comment Share on other sites More sharing options...
Christian F. Posted January 8, 2013 Share Posted January 8, 2013 (edited) Actually, you'll need to use unset ($_SESSION) and destroy the session cookie as well. As noted in the PHP manual for session_destroy (). Edited January 8, 2013 by Christian F. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.