session problem

i have a webpage that if a registered user session is set or true let them view the full contents of the page else if a guest session is set or registered let them only view some of the contents on the page...

my problem is separating these out?

at the moment the site works great without try to include guest sessions.

so at the moment if you want to view the full contents of the page, you have to login and to do so you have to become a member... duh!

but what i want now is to allow unregistered users (guest) view the page too, but only some of the material, but if i try viewing the page without been login in, i get "please login"....

how do i overcome this?
LVL 16
ellandrdAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

TeRReFCommented:
Use a simple ACL structure. Define a function which does something like (I'm guessing you're using a DB to store your reg. users):
function isRegisteredUser($user) {
   //query to see if current user is registered user, if so return true, otherwise return false
}

Now, with every section of your page you can use this function to enable/ disable it.
if isRegisteredUser($user) {
  show this section
}

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ellandrdAuthor Commented:
dont really understand - when user registers, i add there details into a DB.

when user logs in, i compare username/password against that in the DB. if true, i register a session contain cid,username, firstname.

then on each page i wish to allow that user to view, i check for session values... like cid or username etc.

in use your solution, im not too sure how i include it....

eg.

main.php

<?php
require('../globals/includes/session.inc.php');
if ($_SESSION['user']->username == 'administrator')
{
   echo "Logged In As ".$_SESSION['user']->firstname." (<a href='../globals/includes/end.php'>Sign Out</a>)";
   // show admin material here
}
else if ($_SESSION['user']->username != 'administrator')
{
   echo "Logged In As ".$_SESSION['user']->firstname." (<a href='../globals/includes/end.php'>Sign Out</a>)";
   // show registered users material here
}
else
{
   echo "Welcome Guest";
   // show non-registered users material here
}
?>


session.inc.php just checks if session was set or not...



ellandrdAuthor Commented:
anybody?
ellandrdAuthor Commented:
some more info that might help you find why i have a problem...


session.inc.php file:
===========================================================================
<?php
require('e:\\domains\\q\\quest-recruiting.com\\user\\htdocs\\globals\\classes\\user.classes.php');

session_start();

if(empty($_SESSION["user"]->cid) || $_SESSION['guest'] == false)
{
      ?>
            <script language="javascript">
            top.location.href = "http://www.quest-recruiting.com/globals/includes/end.php?timeOut=1";
            </script>
      <?
}

if(!is_numeric($_SESSION["user"]->cid) || $_SESSION['guest'] == false)
{
      ?>
            <script language="javascript">
            top.location.href = "http://www.quest-recruiting.com/globals/includes/end.php?timeOut=1";
            </script>
      <?
}

$minutes = 20;

if ($_SESSION['guest'] == false || (time() - $_SESSION["timestamp"]) > $minutes*60)
{
      ?>
      <script language="javascript">
      top.location.href = "http://www.quest-recruiting.com/globals/includes/end.php?timeOut=1";
      </script>
      <?
}
else
{
      $_SESSION["timestamp"] = time();
}
?>




index.php (login section)
============================================================================
<?php
require('e:\\domains\\q\\quest-recruiting.com\\user\\htdocs\\globals\\includes\\session.inc.php');

if(isset($_SESSION['user']->cid))
{
      header("Location: main.php");
}

....

// form so user can login...

?>



index.php
======================================================================
<?php
require('e:\\domains\\q\\quest-recruiting.com\\user\\htdocs\\globals\\includes\\db.inc.php');
$link_id = db_connect();

require('e:\\domains\\q\\quest-recruiting.com\\user\\htdocs\\globals\\includes\\session.inc.php');
include_once('e:\\domains\\q\\quest-recruiting.com\\user\\htdocs\\globals\\classes\\usersOnline.class.php');

if (empty($_SESSION['user']->cid))
{
      $_SESSION['guest'] == true;
      $welcome = "Welcome guest!";
}
else
{
      $welcome = (empty($_SESSION['user']->firstname)) ? "Welcome ".$_SESSION['user']->firstname : "Welcome ".$_SESSION['user']->firstname;
}
?>

please i need some help!

Ellandrd
Bernard SavonetCIOCommented:
OK. Terref's answer is the answer you need, and I believe you already have almost to the picesto put that in place.

When a user registers, you have defined session varaibles that will allow you to check everywhere the status, eg $-SESSION['guest']

Lets now look at a page where you have private (user) and public (guest) info.

In front of each guest info, you put
if ( @$_SESSION['guest'] || !empty(@$_SESSION['user']->cid) ) { /* display info */};
(note that If I am not recognozed as a guest, I'll see nothing)

In fornt of each "user" info, you put
if ( !empty(@$_SESSION['user']->cid) ) { /* display info */};
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.