unidox Posted July 21, 2007 Share Posted July 21, 2007 I am trying to have different user levels, but no matter what, it gives admin access to all users :/ login.php: <?php $page = "login"; require_once ("inc/db.inc.php"); require_once ("inc/func3.inc.php"); require_once ("req/login.inc.php"); if ($_REQUEST['m']) { if ($_REQUEST['m'] == "1") { $loginpass = $_POST['login_pass']; $password = md5($loginpass); $loginname = $_POST['login_name']; $checkrows = mysql_query ("SELECT * FROM cp_users WHERE username='$loginname' && password='$password'") or die (mysql_error()); $rowcount = mysql_num_rows ($checkrows); if ($rowcount == "0") { showError("User/Login Error"); } if ($rowcount != "0") { header ("Location: index.php?page=admin"); $time = date("h:i:a"); $date = date("m/d/Y"); $last_logged = $time . "\n(" . $date . ")"; $ip = getenv ("REMOTE_ADDR"); MYSQL_QUERY("UPDATE cp_users SET last_logged='$last_logged', cur_ip='$ip' WHERE username='$loginname'") or die (mysql_error()); while ($mysql=mysql_fetch_array($checkrows)) { setcookie("access", $mysql[access],time()+60*60*24*30); } setcookie ("uniqueid",$loginname,time()+60*60*24*30); exit; } } elseif ($_REQUEST['m'] == "2") { header ("Location: index.php?page=login"); setcookie ("uniqueid"); setcookie ("access"); exit; } } else { if ($_COOKIE['uniqueid'] == "") { $checkfields = "login_name&login_pass"; $errors = "Enter a username&Enter a password!"; $titles = "Username:&Password:"; $fields = "login_name&login_pass"; $type = "text&password"; $size = "30&30"; $maxlength = "25&25"; createJSValid($checkfields,$errors); createForm($titles,$fields,$type,$size,$maxlength,'1','','','','1'); } else { showError("You are already logged in, <a href=\"" . $_SERVER['PHP_SELF'] . "?page=login&m=2\">logout?</a><br /><br /><a href='index.php?page=admin'>Admin Home</a>"); } } ?> Part of the func3.inc.php: require_once 'config.inc.php'; $islogged = preg_match("/index.php?page=login/", $_SERVER['PHP_SELF']); $oncolour = "#FFFFFF"; $offcolour = "#FFFFFF"; $bdrcolour = "#FFFFFF"; if ((!$_REQUEST['method']) || (!$_COOKIE['uniqueid'])) { $access = $_COOKIE['access']; if (array_search($page,$levels)) { if ($access > $levels[$page]) { echo $access . $levels[$page]; //showError('You do not have access to this page.'); exit; } } } The config.inc.php: <?php ############################################### // Folder Locations $template_folder = "template/"; $folder = "/"; $imagefolder = "pics/"; $imagefilepath = $folder . $imagefolder; // Vulgarity on or off // 1: On, 0: off $vulgarity = 0; // Special Character // Default: | $special_character = "&"; // Max Links & Roster Characters // Default: 20 $max_length = 16; // Max News Posts Displayer Per Page // Default: 8 $max_news = 8; // Do not change $root = $_SERVER['DOCUMENT_ROOT']; $imagefullpath = $root . $imagefilepath; // Access Levels // 1: Master, 2: Limited, 3: All Users $levels = array(); $levels[login] = "3"; $levels[index] = "2"; $levels[news] = "2"; $levels[roster] = "1"; $levels[links] = "2"; $levels[leagues] = "2"; $levels[matches] = "2"; $levels[servers] = "1"; $levels[faq] = "2"; $levels[sponsors] = "1"; $levels[downloads] = "2"; $levels[meda] = "2"; $levels[demos] = "2"; $levels[settings] = "1"; $levels[changepass] = "2"; $levels[admins] = "1"; $levels[config] = "1"; ?> Link to comment https://forums.phpfreaks.com/topic/61122-user-levels/ Share on other sites More sharing options...
ss32 Posted July 21, 2007 Share Posted July 21, 2007 Check the default value for the column where you store the access level. You might have your problem right there, when you create the user in the first place. Link to comment https://forums.phpfreaks.com/topic/61122-user-levels/#findComment-304188 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.