Page 1 of 1
Not reading rights correctly
Posted: Thu Sep 08, 2005 10:29 pm
by Fractal
Code: Select all
if (!iADMIN || $userdata['user_rights'] == "")
fallback("../index.php");
if (!isset($pagenum) || !isNum($pagenum))
$pagenum = 1;
// Find out which panels and pages the admin can access
$usr_rghts = " (admin_rights='".str_replace(".", "' OR admin_rights='", $userdata['user_rights'])."')";
$page1 = dbcount("(*)", "admin", $usr_rghts." AND admin_link!='reserved' AND admin_page='1'");
$page2 = dbcount("(*)", "admin", $usr_rghts." AND admin_link!='reserved' AND admin_page='2'");
$page3 = dbcount("(*)", "admin", $usr_rghts." AND admin_link!='reserved' AND admin_page='3'");
$page4 = dbcount("(*)", "admin", $usr_rghts." AND admin_link!='reserved' AND admin_page='4'");
// Work out which tab is the active default
if ($page1)
{
$default = 1;
}
elseif ($page2)
{
$default = 2;
}
elseif ($page3)
{
$default = 3;
}
elseif ($page4)
{
$default = 4;
}
else
{
fallback("../index.php");
}
// Ensure the admin is allowed to access the selected page
$pageon = true;
if ($pagenum == 1 && !$page1)
$pageon = false;
if ($pagenum == 2 && !$page2)
$pageon = false;
if ($pagenum == 3 && !$page3)
$pageon = false;
if ($pagenum == 4 && !$page4)
$pageon = false;
if ($pageon == false)
redirect("index.php?pagenum=$default");
It's my main admin page.. It's not reading my user permissions or not reading them correctly.. So it redirects me to my fallback page.
Any ideas? I've been looking all day and I haven't seen anything.
Re: Not reading rights correctly
Posted: Fri Sep 09, 2005 2:56 am
by timvw
Fractal wrote:Code: Select all
if (!iADMIN || $userdata['user_rights'] == "")
fallback("../index.php");
Prepend the following to your scripts when developping:
Code: Select all
ini_set('error_reporting', E_ALL);
ini_set('display_errors', TRUE);
PHP will probably complain about iADMIN...
Re: Not reading rights correctly
Posted: Fri Sep 09, 2005 3:08 am
by Fractal
timvw wrote:Fractal wrote:Code: Select all
if (!iADMIN || $userdata['user_rights'] == "")
fallback("../index.php");
Prepend the following to your scripts when developping:
Code: Select all
ini_set('error_reporting', E_ALL);
ini_set('display_errors', TRUE);
PHP will probably complain about iADMIN...
Nope.. It doesn't complain about it.
Posted: Fri Sep 09, 2005 4:33 am
by raghavan20
Code: Select all
if (!iADMIN || $userdata['user_rights'] == "")
fallback("../index.php");
I think you can not really know the result of !iADMIN. i think its not the best way to code the if condition.
put something like
Code: Select all
if (!iADMIN == 0 || $userdata['user_rights'] == "")
fallback("../index.php");
//or
if (!iADMIN == 1 || $userdata['user_rights'] == "")
fallback("../index.php");
i can blindly say that this if condition overrides the other if conditions as this is the first one. may be you take this if condition off for a while and try to see, if you get the priveleges right.
Re: Not reading rights correctly
Posted: Fri Sep 09, 2005 6:16 am
by Roja
Fractal wrote:Nope.. It doesn't complain about it.
If not, then where is iADMIN defined, and what is it defined as?
Re: Not reading rights correctly
Posted: Fri Sep 09, 2005 2:47 pm
by Fractal
Roja wrote:Fractal wrote:Nope.. It doesn't complain about it.
If not, then where is iADMIN defined, and what is it defined as?
It's defined in the configuration file to check if a user is logged in and what his user level is.
define("iADMIN", $userdata['user_level'] >= 102 ? 1 : 0);