[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
Neil Williams wrote: >> >> the usertype variable just vanishes after a couple of clicks around the site. > > It may be counter-intuitive but by not reading usertype but only > reading userid, you may be causing the loss of the usertype data. Can > you not calculate usertype from userid? Hi Neil, Well the actual userid was just the pkey from the database or unset for not logged in. Usertype was just another field in the database. In fact i was testing both variables on all pages because the menu on the left of the site is SSI and includes tests to display member only and administrator options. I just also had the code I posted as the first bit on the page so it could redirect the page before the headers were sent if not authorised. > >> On other other pages we have :- >> >> >> session_start(); >> >> if(!isset($_SESSION['userid'])) >> { >> header("Location:../login/index.php?error=2"); >> } > > Even if this page has no content relevant to the administrator, it > still needs to check the variable so that it is in scope for the next > operation using the cookie. > >> which never fails to work and stays active until logout. > > Because it's in every page that uses the cookie. > > At least, that would be the first thing I would implement as a > testcase. That and trying to calculate usertype from userid by some > server-only method, maybe in the database. Maybe the overall method I am using is still wrong. I have inherited this site and I am attempting to cobble fixes together. At least the "basic" layout is now CSS the menu is a SSI and the title, menu and main text area are set by CSS and the fonts and styles are uniform through the site now by a .css file. The main text contents is a mess because others need to be able to edit it using contribute and that seems to love producing tables and lots and lots of inline styles and messy html. I have just made some changes and it has stopped misbehaving. It appears that $_SESSION['usertype'] and $usertype have way to much in common, by removing all $usertypes from the code it has stopped messing around?? I must have missed something here???? Thanks -- Robin Cornelius http://www.byteme.org.uk
Attachment:
signature.asc
Description: OpenPGP digital signature
-- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html