Allow only admins access to a certain page?? 1

[Kaylech]

php is still kicking my tail - for now.

This is a fairly routine script during my classic asp days.

Anyway, a user attempts to login.

If login is successfully, redirect user based on permission level.

			$_SESSION["UserID"] = $objResult["username"];
			$_SESSION["Status"] = $objResult["type"];

			session_write_close();

			if($objResult["type"] == "admin")
			{
				header("location:admin.php");
			}
			else
			{
				header("location:user.php");
			}

This appears to work well.

Now, I need to secure the page. This way, only admin can get into admin page while admin can get into any page.

So far, the script to get into admin page is failing me.

[code] if($_SESSION['status'] != 'admin') {
 header('Location: login.php'); //send the user back to login page.
}

Any ideas where I might be missing something?

Thanks alot

 

[spamjim]

Is this simply a matter of case?

$_SESSION["Status"]
$_SESSION['status']

Status != status

 

[Kaylech]

Sorry, a bit embarrassed by this.

I have got to keep reminding myself that this is not asp.net of the vb variety where case is insensitive.

Thank you; that was exactly the problem.