PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
// now look up this users permissions for this group
$query = "SELECT * FROM permissions WHERE username='$username' AND group_id ='$group_id'";
$result = mysql_query($query) or die(mysql_error());
$row = mysql_fetch_array($result) or die(mysql_error());
// set the user permissions
$_SESSION["permission"] = $row['access_levell'];
// now look up this users permissions for this group
// get the users permission level from the permissions table where the user name = X and the group_id = Y
$query = "SELECT * FROM permissions WHERE username='$username' AND group_id ='$group_id'";
// get it...
$result = mysql_query($query) or die(mysql_error());
// get the info from the row
$row = mysql_fetch_array($result);
// take what in in the DB for access_level and register it to $_SESSION["permission"] for future use
$_SESSION["permission"] = $row['access_levell'];
I'd do a quick test then to make sure that the row is definitely being pulled from the database.
Do this by print_r($row); if you get the array printed out then you know the mysql is working fine.
If the mysql is working then how about checking these things:
1) Is the row column in the pemissions table definitely called access_levell? I'm asking as it looks like it has 2 L's or is that a number 1?
2) $_SESSION["permission"] <-- you're using " there instead of '. Not sure if that makes a difference though.
FOUND IT!
When you are asking form data in the db that matches $username and $group_id you want to make sure there is a user with the proper group_id !!!!!!!!
I just spent the last 1.5 hours pulling my hair out on this!
// now look up this users permissions for this group
$query = "SELECT * FROM permissions WHERE username='$username' AND group_id ='$group_id'";
$result = mysql_query($query) or die(mysql_error());
$row = mysql_fetch_array($result);
if(mysql_num_rows($result)!='0'){ // If match.
$_SESSION['permission'] = $row['access_level'];// set the user permissions
$_SESSION['username'] = "$username"; // Craete session username.
$_SESSION['group_id'] = "$group_id"; // set the group_id
}else{
$message.="<div class=\"errorbox\">You do not have any access rights to this group</div>";
}