Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Allow only admins access to a certain page?? 1

Status
Not open for further replies.

Kaylech

Programmer
Mar 12, 2015
29
US
php is still kicking my tail - for now.

This is a fairly routine script during my classic asp days.

Anyway, a user attempts to login.

If login is successfully, redirect user based on permission level.

Code:
			$_SESSION["UserID"] = $objResult["username"];
			$_SESSION["Status"] = $objResult["type"];

			session_write_close();

			if($objResult["type"] == "admin")
			{
				header("location:admin.php");
			}
			else
			{
				header("location:user.php");
			}

This appears to work well.

Now, I need to secure the page. This way, only admin can get into admin page while admin can get into any page.

So far, the script to get into admin page is failing me.

[code] if($_SESSION['status'] != 'admin') {
 header('Location: login.php'); //send the user back to login page.
}

Any ideas where I might be missing something?

Thanks alot
 
Is this simply a matter of case?

$_SESSION["Status"]
$_SESSION['status']

Status != status
 
Sorry, a bit embarrassed by this.

I have got to keep reminding myself that this is not asp.net of the vb variety where case is insensitive.

Thank you; that was exactly the problem.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top