Jump to content

[SOLVED] My access level restriction wont work

clown[NOR]

By clown[NOR]
in PHP Coding Help

 Share

Recommended Posts

clown[NOR] Regular Member

clown[NOR]

Posted
Posted

ok.. this is how it is... I have currently 6 access levels on my site.. 0, 10, 20, 30, 40 and 50.. I want to restrict what each level can view in the control panel.. this is how the code looks at the moment:

 

<?php

if (isset($_COOKIE['username'])) {
	$liStatus = chkLoginStatus($_COOKIE['username']);
	if ($liStatus == "OFFLINE") { 
		echo "You must be logged in to view this page.";
	} else { 

		#echo "You're now viewing the control panel.";
		$userAccess = getAccessLevel();

		echo "Your accesslevel is: ".$userAccess."<br><br>";
		if ($userAccess == 0) { echo "Your account has been blocked"; }
		if ($userAccess <= 10) { 
			echo "- Subscribe/Unsubscribe to newsletter<br>"; 
		}
		if ($userAccess <= 20) { 
			echo "- Post news & tutorials<br>"; 
		}
		if ($userAccess <= 30) { 
			echo "- Accept/Deny news & tutorials<br>
				  - Block users (final desistion must be made by an administrator)<br>"; 
		}
		if ($userAccess <= 40) { 
			echo "- Block/Unblock user (with no need for final desition, only if it's another admin.)<br>
				  - Accept/deny user block<br>";
		}
		if ($userAccess <= 50) {
			echo "- Completely remove users from database";
		}
	}
} else { echo "You must be logged in to view this page."; }

?>

 

this is the result I'm getting

Your accesslevel is: 10

 

- Subscribe/Unsubscribe to newsletter // Level 10

- Post news & tutorials // Level 20

- Accept/Deny news & tutorials // Level 30

- Block users (final desistion must be made by an administrator) // Level 30

- Block/Unblock user (with no need for final desition, only if it's another admin.) // Level 40

- Accept/deny user block // Level 40

- Completely remove users from database // Level 50

 

but as you can see.. I've set my own access level to 10, and still everything shows up.. any ideas how to fix this issue?

 

Thanks In Advance

- Clown

clown[NOR] Regular Member

clown[NOR]

Posted
  • Author
Posted

this is the getAccessLevel fucntion

<?php
function getAccessLevel() {
	global $dbHost, $dbUser, $dbPass, $dbName;
	$cUserName = $_COOKIE['username'];
	if (!mysql_connect($dbHost, $dbUser, $dbPass)) { echo "Unable to connect to database"; die(); }
	if (!mysql_select_db($dbName)) { echo "Unable to select database"; die(); }

	$query = "SELECT * FROM users WHERE username = '" . mysql_real_escape_string($cUserName) . "'";
	$result = mysql_query($query);

	if (!$result) { echo "Could not run query from database"; die(); }

	$dbField = mysql_fetch_assoc($result);
	return $dbField['access'];
}
?>

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.