CodingForums.com - View Single Post - Resolved Redirect users based on their access level.

rgEffects · 01-29-2013, 09:00 PM

I have a users table with id(primary key), userName, password, and access fields. I've set up the log-in to pass userName, password and access to a session variable to validate the user.

There are 3 access levels now. 0, 1, & 2. I would like to add a redirect similar to the error redirect to push users with 0 to the error page (that works now) send users with access level 1 to another page, and access level 2 to a third page.

Here's the restrict access code:

PHP Code:


			
<?php 

if (!isset($_SESSION)) {

  session_start();

}

$MM_authorizedUsers = "1, 2";

$MM_donotCheckaccess = "false";



// *** Restrict Access To Page

function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) { 

  // For security, start by assuming the visitor is NOT authorized. 

  $isValid = False; 



  // No log-in if Session variable is blank. 

  if (!empty($UserName)) { 

    //Restrict access

    // Parse the strings into arrays. 

    $arrUsers = Explode(",", $strUsers); 

    $arrGroups = Explode(",", $strGroups); 

    if (in_array($UserName, $arrUsers)) { 

      $isValid = true; 

    } 

    // Or, you may restrict access only by username. 

    if (in_array($UserGroup, $arrGroups)) { 

      $isValid = true; 

    } 

    if (($strUsers == "") && false) { 

      $isValid = true; 

    } 

  } 

  return $isValid; 

}



$MM_restrictGoTo = "../error.php";



// I think this is where the argument that validates user level 2 goes here:



/* $MM2_restrictGoTo = "../dashboard2.php";

  (check user access level)

*/



if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {   

  $MM_qsChar = "?";

  $MM_referrer = $_SERVER['PHP_SELF'];

  if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";

  if (isset($_SERVER['QUERY_STRING']) && strlen($_SERVER['QUERY_STRING']) > 0) 

  $MM_referrer .= "?" . $_SERVER['QUERY_STRING'];

  $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);

  header("Location: ". $MM_restrictGoTo); 

  exit;    

}

 ?>

I can't figure out how to put in a redirect so that upon successful login access level 1 keeps you on the dashboard.php page but access level 2 sends you to the dashboard2.php page.

I'm beginning to think that I need a dummy page that uses a simple if (access = '1') {go to here} else if (access - '2') go somewhere else.

01-29-2013, 09:00 PM	PM User \| #1
rgEffects New Coder Join Date: Aug 2012 Posts: 76 Thanks: 22 Thanked 0 Times in 0 Posts	Redirect users based on their access level. I have a users table with id(primary key), userName, password, and access fields. I've set up the log-in to pass userName, password and access to a session variable to validate the user. There are 3 access levels now. 0, 1, & 2. I would like to add a redirect similar to the error redirect to push users with 0 to the error page (that works now) send users with access level 1 to another page, and access level 2 to a third page. Here's the restrict access code: PHP Code: <?php if (!isset($_SESSION)) { session_start(); } $MM_authorizedUsers = "1, 2"; $MM_donotCheckaccess = "false"; // *** Restrict Access To Page function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) { // For security, start by assuming the visitor is NOT authorized. $isValid = False; // No log-in if Session variable is blank. if (!empty($UserName)) { //Restrict access // Parse the strings into arrays. $arrUsers = Explode(",", $strUsers); $arrGroups = Explode(",", $strGroups); if (in_array($UserName, $arrUsers)) { $isValid = true; } // Or, you may restrict access only by username. if (in_array($UserGroup, $arrGroups)) { $isValid = true; } if (($strUsers == "") && false) { $isValid = true; } } return $isValid; } $MM_restrictGoTo = "../error.php"; // I think this is where the argument that validates user level 2 goes here: /* $MM2_restrictGoTo = "../dashboard2.php"; (check user access level) / if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) { $MM_qsChar = "?"; $MM_referrer = $_SERVER['PHP_SELF']; if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&"; if (isset($_SERVER['QUERY_STRING']) && strlen($_SERVER['QUERY_STRING']) > 0) $MM_referrer .= "?" . $_SERVER['QUERY_STRING']; $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer); header("Location: ". $MM_restrictGoTo); exit; } ?> I can't figure out how to put in a redirect so that upon successful login access level 1 keeps you on the dashboard.php page but access level 2 sends you to the dashboard2.php page. I'm beginning to think that I need a dummy page that uses a simple if (access = '1') {go to here} else if (access - '2') go somewhere else. Last edited by rgEffects; 01-30-2013 at 02:03 PM..*