permissions and redirects
Posted: Sat Oct 15, 2005 9:53 pm
I have a page that, depending on your permission (3 = admin, 2 = supporter, 1 = member, 0 = not verified member), should keep you within your allowed area.
So if $_SESSION['logged'] == 1, that means you're logged in. $user['permission'] is your permission (3, 2, 1, 0). Okay, so my goal is that if you're an admin (permission == 3) you can access everything except the register.php and login.php pages. Currently it's the same for supporter (2); that will change later. But if you're a regular member (1) you can only access the pages index.php, bankingcalc.php, autologger.php and logout.php; for everything else you would get redirected to index.php.
When I log in as an admin (3) it works fine: I get redirected when trying to access register.php and login.php. But when I try member's permission (1) I get redirected back and forth in a loop. I've commented out the headers and just echo'd some stuff to get an idea of what's happening, but I can't figure it out. Also, I'd rather not list the pages members cannot go to, just list the pages they are allowed to go to.
Code:
$user['page'] = str_replace("/","",$_SERVER['PHP_SELF']);
if($_SESSION['logged'] == 1)
{
    if($user['permission'] == 3)
    {
        if($user['page'] == 'register.php'
        || $user['page'] == 'login.php')
        {
            //echo "admin - redirect - " . $user['page'];
            header('Location: index.php');
        }
    }
    elseif($user['permission'] == 2)
    {
        if($user['page'] == 'register.php'
        || $user['page'] == 'login.php')
        {
            //echo "supporter - redirect - " . $user['page'];
            header('Location: index.php');
        }
    }
    elseif($user['permission'] == 1)
    {
        if($user['page'] != 'index.php'
        || $user['page'] != 'bankingcalc.php'
        || $user['page'] != 'autologger.php'
        || $user['page'] != 'logout.php')
        {
            //echo "verfied user - redirect - " . $user['page'];
            header('Location: index.php');
        }
    }
    elseif($user['permission'] == 0)
    {
        if($user['page'] != 'index.php'
        || $user['page'] != 'logout.php')
        {
            //echo "unverfied user - redirect - " . $user['page'];
            header('Location: index.php');
        }
    }
}
else
{
    if($user['page'] != 'login.php')
    {
        //echo "loggedout - redirect - " . $user['page'];
        header('Location: login.php');
    }
}
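
Added example, not part of the original post: any page name differs from at least one entry in a chain of `!=` tests joined with `||`, so the member branch redirects index.php to itself, while an `in_array()` allow-list only needs the permitted pages. The function and constant names are hypothetical, and `exit` after `header()` is an addition so the restricted page stops executing once the redirect is sent.

```php
<?php
// Added example, not the poster's code. Permission numbers and page names are
// taken from the post; the function and constant names are hypothetical.

// Pages a role may NOT open (admin 3, supporter 2): everything else is allowed.
const DENIED_PAGES = [
    3 => ['register.php', 'login.php'],
    2 => ['register.php', 'login.php'],
];
// Pages a role MAY open (member 1, unverified 0): everything else is refused.
const ALLOWED_PAGES = [
    1 => ['index.php', 'bankingcalc.php', 'autologger.php', 'logout.php'],
    0 => ['index.php', 'logout.php'],
];

// Returns the page to redirect to, or null when the request may proceed.
function redirect_target(bool $logged, int $permission, string $page): ?string
{
    if (!$logged) {
        return $page === 'login.php' ? null : 'login.php';
    }
    $denied = DENIED_PAGES[$permission] ?? null;
    if ($denied !== null) {
        return in_array($page, $denied, true) ? 'index.php' : null;
    }
    // Unknown permission values get the most restrictive list.
    $allowed = ALLOWED_PAGES[$permission] ?? ALLOWED_PAGES[0];
    return in_array($page, $allowed, true) ? null : 'index.php';
}

function enforce_access(array $session, array $user): void
{
    // SCRIPT_NAME carries no trailing path info, unlike PHP_SELF.
    $page = basename($_SERVER['SCRIPT_NAME']);
    $logged = (int) ($session['logged'] ?? 0) === 1;
    $target = redirect_target($logged, (int) ($user['permission'] ?? 0), $page);
    if ($target !== null) {
        header('Location: ' . $target);
        exit; // stop so the rest of the restricted page never runs
    }
}

// Constructed checks, printed only when run from the command line.
if (PHP_SAPI === 'cli') {
    var_dump(redirect_target(true, 1, 'index.php'));
    var_dump(redirect_target(true, 1, 'register.php'));
    var_dump(redirect_target(true, 3, 'login.php'));
    var_dump(redirect_target(false, 0, 'index.php'));
}
```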