eldan88 Posted December 31, 2013 Share Posted December 31, 2013 (edited) Hey Guys. I have created a function to restrict user access if a user_id has been set and if the session access level is 0 or 1. The page that I am trying to restrict access for if not logged is, user.php. When I go to directly to user page "user.php?jon" for the first time its redirects me to the index.php. When I go to user.php?jon for the second time it takes me to me the user.php for jon . The reason is because my condition says to redirect the user to the index page if the user_name is not set and if the access level is not set. When someone enters in the uri user.php?jon for the first time it doesn't get set, only after they hit enter on the address bar the user_id "jon" get set. The issue is with the session access level. It has an or expression which I think, tells the server if none the sessions access level is set to 1 or 0 then bypass. What I am really trying to say is the session must have an access level of 1 or 0 otherwise redirect page. But it does seem to be working. Does anyone have any suggestions. Below is the actual code. <?php session_start(); function confirmed_admin_logged_in(){ return isset($_SESSION['user_id']) && ($_SESSION['access'] == 0); } function confirmed_store_owner_logged_in() { return isset($_SESSION['user_id']) && ($_SESSION['access'] == 1 || $_SESSION['access'] == 0) ; // The issue might be from this line } function admin_logged_in() { if (!confirmed_admin_logged_in()) { goto_page("https://index.php/"); } } function admin_and_store_logged_in() { if(!confirmed_store_owner_logged_in() && !isset($_SESSION['access'])) { goto_page("index.php/"); } } Edited December 31, 2013 by eldan88 Quote Link to comment https://forums.phpfreaks.com/topic/285011-restricting-access-through-sessions/ Share on other sites More sharing options...
Solution requinix Posted December 31, 2013 Solution Share Posted December 31, 2013 All you did was post some functions. How about posting how those functions are being used? And where the session values are being set? Quote Link to comment https://forums.phpfreaks.com/topic/285011-restricting-access-through-sessions/#findComment-1463459 Share on other sites More sharing options...
eldan88 Posted January 1, 2014 Author Share Posted January 1, 2014 Hey Requinix! I went through the files that where using the function, and saw the problem! Thank you! Quote Link to comment https://forums.phpfreaks.com/topic/285011-restricting-access-through-sessions/#findComment-1463571 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.