Jump to content

Restricting access through sessions


Go to solution Solved by requinix,

Recommended Posts

Hey Guys. I have created a function to restrict user access if a user_id has been set and if the session access level is  0 or 1.

 

The page that I am trying to restrict access for if not logged is, user.php.

 

When I go to directly to user page "user.php?jon" for the first time its redirects me to the index.php. When I go to user.php?jon for the second time it takes me to me the user.php for jon .

 

The reason is because my condition says to redirect the user to the index page if the user_name is not set and if the access level is not set.

 

When someone enters in  the uri user.php?jon for the first time it doesn't get set, only after they hit enter  on the address bar the user_id "jon" get set.

 

The issue is with the session access level. It has an or expression which I think, tells the server if none the sessions access level is set to 1 or 0 then bypass.

 

What I am really trying to say is the session must have an access level of 1 or 0 otherwise redirect page. But it does seem to be working.

 

Does anyone have any suggestions. Below is the actual code.

<?php session_start();

function confirmed_admin_logged_in(){
return isset($_SESSION['user_id']) && ($_SESSION['access'] == 0);
}

function confirmed_store_owner_logged_in() {
return isset($_SESSION['user_id']) && ($_SESSION['access'] == 1 || $_SESSION['access'] == 0) ; // The issue might be from this line
}


function admin_logged_in() {
if (!confirmed_admin_logged_in()) {
 goto_page("https://index.php/"); }
}


 function admin_and_store_logged_in() {
if(!confirmed_store_owner_logged_in() && !isset($_SESSION['access'])) {
        goto_page("index.php/");
	}
}

Edited by eldan88
Link to comment
https://forums.phpfreaks.com/topic/285011-restricting-access-through-sessions/
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.