Jump to content

Recommended Posts

Does anyone have an idea how the variable "$MM_donotCheckaccess" in Dreamweaver's authentication restriction code is used, the when, where, why and how it's used. I am sure you have seen the code many times over. However, here it is again (below) with the variable in question at the fourth line. FYI, I am using DW 2K4MX.

P.S. This question is of utmost importance because I'm banging my head out of pure curiosity to know, so please help before curiosity kills the cat!!

Thank you in advance.

Here's the all so common code:

<?php
session_start();
$MM_authorizedUsers = "Sellers,builders,agents";
$MM_donotCheckaccess = "true";

// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
// For security, start by assuming the visitor is NOT authorized.
$isValid = False;

// When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
// Therefore, we know that a user is NOT logged in if that Session variable is blank.
if (!empty($UserName)) {
// Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
// Parse the strings into arrays.
$arrUsers = Explode(",", $strUsers);
$arrGroups = Explode(",", $strGroups);
if (in_array($UserName, $arrUsers)) {
$isValid = true;
}
// Or, you may restrict access to only certain users based on their username.
if (in_array($UserGroup, $arrGroups)) {
$isValid = true;
}
if (($strUsers == "") && true) {
$isValid = true;
}
}
return $isValid;
}

$MM_restrictGoTo = "myaccount.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {
$MM_qsChar = "?";
$MM_referrer = $_SERVER['PHP_SELF'];
if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0)
$MM_referrer .= "?" . $QUERY_STRING;
$MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
header("Location: ". $MM_restrictGoTo);
exit;
}
?>
  • 2 years later...
I was likewise banging my head out of curiosity so I had a good look at the code. The short answer is that the $MM_donotCheckaccess variable does NOT seem to be used although it's value is set to TRUE or FALSE depending on whether 'username, pasword and access level' or just 'username and password' is selected in the Restrict Access server behavior dialogue box.

Likewise the following line of code:

if (($strUsers == "") && false) {

contains true or false accordingly and this is what actually controls whether user has access or not. So, if I am right then the 'false' in the above satement could be replaced with the variable $MM_donotCheckaccess - this would make the code easier to read and make use of the variable. Otherwise it seems to be entirely redundant!

Hope this helps. Better late than never!

Graham

 
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.