Not reading rights correctly

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
Fractal
Forum Commoner
Posts: 54
Joined: Tue Aug 16, 2005 1:28 pm

Not reading rights correctly

Post by Fractal »

Code: Select all

if (!iADMIN || $userdata['user_rights'] == "")
fallback("../index.php");

if (!isset($pagenum) || !isNum($pagenum))
$pagenum = 1;

// Find out which panels and pages the admin can access
$usr_rghts = " (admin_rights='".str_replace(".", "' OR admin_rights='", $userdata['user_rights'])."')";
$page1 = dbcount("(*)", "admin", $usr_rghts." AND admin_link!='reserved' AND admin_page='1'");
$page2 = dbcount("(*)", "admin", $usr_rghts." AND admin_link!='reserved' AND admin_page='2'");
$page3 = dbcount("(*)", "admin", $usr_rghts." AND admin_link!='reserved' AND admin_page='3'");
$page4 = dbcount("(*)", "admin", $usr_rghts." AND admin_link!='reserved' AND admin_page='4'");

// Work out which tab is the active default
if ($page1)
{
  $default = 1;
}
elseif ($page2)
{
  $default = 2;
}
elseif ($page3)
{
  $default = 3;
}
elseif ($page4)
{
  $default = 4;
}
else
{
  fallback("../index.php");
}

// Ensure the admin is allowed to access the selected page
$pageon = true;
if ($pagenum == 1 && !$page1)
$pageon = false;

if ($pagenum == 2 && !$page2)
$pageon = false;

if ($pagenum == 3 && !$page3)
$pageon = false;

if ($pagenum == 4 && !$page4)
$pageon = false;

if ($pageon == false)
redirect("index.php?pagenum=$default");
It's my main admin page.. It's not reading my user permissions or not reading them correctly.. So it redirects me to my fallback page.

Any ideas? I've been looking all day and I haven't seen anything.
timvw
DevNet Master
Posts: 4897
Joined: Mon Jan 19, 2004 11:11 pm
Location: Leuven, Belgium

Re: Not reading rights correctly

Post by timvw »

Fractal wrote:

Code: Select all

if (!iADMIN || $userdata['user_rights'] == "")
fallback("../index.php");
Prepend the following to your scripts when developping:

Code: Select all

ini_set('error_reporting', E_ALL);
ini_set('display_errors', TRUE);
PHP will probably complain about iADMIN...
User avatar
Fractal
Forum Commoner
Posts: 54
Joined: Tue Aug 16, 2005 1:28 pm

Re: Not reading rights correctly

Post by Fractal »

timvw wrote:
Fractal wrote:

Code: Select all

if (!iADMIN || $userdata['user_rights'] == "")
fallback("../index.php");
Prepend the following to your scripts when developping:

Code: Select all

ini_set('error_reporting', E_ALL);
ini_set('display_errors', TRUE);
PHP will probably complain about iADMIN...
Nope.. It doesn't complain about it.
User avatar
raghavan20
DevNet Resident
Posts: 1451
Joined: Sat Jun 11, 2005 6:57 am
Location: London, UK
Contact:

Post by raghavan20 »

Code: Select all

if (!iADMIN || $userdata['user_rights'] == "") 
fallback("../index.php");
I think you can not really know the result of !iADMIN. i think its not the best way to code the if condition.
put something like

Code: Select all

if (!iADMIN == 0 || $userdata['user_rights'] == "") 
fallback("../index.php"); 

//or


if (!iADMIN == 1 || $userdata['user_rights'] == "") 
fallback("../index.php");
i can blindly say that this if condition overrides the other if conditions as this is the first one. may be you take this if condition off for a while and try to see, if you get the priveleges right.
Roja
Tutorials Group
Posts: 2692
Joined: Sun Jan 04, 2004 10:30 pm

Re: Not reading rights correctly

Post by Roja »

Fractal wrote:Nope.. It doesn't complain about it.
If not, then where is iADMIN defined, and what is it defined as?
User avatar
Fractal
Forum Commoner
Posts: 54
Joined: Tue Aug 16, 2005 1:28 pm

Re: Not reading rights correctly

Post by Fractal »

Roja wrote:
Fractal wrote:Nope.. It doesn't complain about it.
If not, then where is iADMIN defined, and what is it defined as?
It's defined in the configuration file to check if a user is logged in and what his user level is.

define("iADMIN", $userdata['user_level'] >= 102 ? 1 : 0);
Post Reply