Irksome Posted July 20, 2007 Share Posted July 20, 2007 Hi all, I'm making a website with an admin section, and one facet of that is user management. I've made a script for this task, but I want it to be accessable only to people with user level 4 or 5. Here's the code for the script. At present, it isn't accessable to anybody, even level 4 and 5 users. <?php require '../db.php'; require '../global.php'; switch ($_SESSION['user_level']) { case 5:echo $result = mysql_query("SELECT * FROM com_users ORDER BY userid DESC",$connection)or die(mysql_error()); while($myrow = mysql_fetch_assoc($result)) {//begin of loop //now print the results: echo $myrow['username']; echo "<a href=\"edit_user.php?userid=$myrow[userid]\">Edit User</a>"; echo '<br>'; }//end of loop ; case 0:echo $text['adminperms'];exit; case 1:echo $text['adminperms'];exit; case 2:echo $text['adminperms'];exit; case 3:echo $text['adminperms'];exit; } ?> Could anyone point me in the right direction here? Thanks. Quote Link to comment Share on other sites More sharing options...
gerkintrigg Posted July 20, 2007 Share Posted July 20, 2007 I just do this in the login script: $r=mysql_fetch_array(mysql_query("SELECT * FROM member WHERE Username='$username' && Password='$password' LIMIT 1;")); if ($r['permissions']>=4){ $_SESSION['admin']='y'; } then on each admin page: if($_SESSION['admin']!='y'){ $go='http://www.url_goes_here.com'; header('Location: '.$go); } Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.