[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
Hi Guys,
Having a problem with php and sessions, got them basicly working. Got
a login page that checks login against sql database and records the
session id there, ANd basic login works fine. Some logins have
administrative rights and this I have messed up. When i check the
login I set an extra php session variable to indicate admin rights but
this just vanishes after a few page clicks, I am still logged in with
out admin and can access the members only area.
What i do is at the start of evey page is check the variables to see
if the user is allowed to view that page.
This is the check that is vanishing on an admin pages :-
<?php
session_start();
if($_SESSION['usertype']!="Administrator")
{
header("Location:http://www.ukmagsoc.org.uk/html/login/index.php?error=
3");
}
?>
the usertype variable just vanishes after a couple of clicks around the site.
On other other pages we have :-
session_start();
if(!isset($_SESSION['userid']))
{
header("Location:../login/index.php?error=2");
}
which never fails to work and stays active until logout.
I am sure its my stupidity, any ideas of what i am doing wrong?
--
Robin Cornelius
http://www.byteme.org.uk
--
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html