Solved

If session is not user or admin....

Posted on 2011-09-03
17
360 Views
Last Modified: 2012-06-27
Hi,
I'm not sure where my blunder is here.
I want to stay on this page unless the person logged in is not one of user or admin.


if ($_SESSION['usertype'] != 'user') && ||($_SESSION['usertype'] != 'admin') {
		
	header("Location:index.php");
	}

Open in new window

0
Comment
Question by:encodeme
  • 5
  • 4
  • 4
  • +2
17 Comments
 
LVL 30

Expert Comment

by:Marco Gasi
ID: 36478160
Do you mean this?

if ($_SESSION['usertype'] == 'user')  || ($_SESSION['usertype'] == 'admin') {
            
      header("Location:index.php");
      }
0
 

Author Comment

by:encodeme
ID: 36478212
Hi Marqus,
My login script directs both user and admin to a page.

What I want is that if anyone else other than user or admin tries to see this page they are directed to index.php.

I'm not sure your solution does this ,
Thanks
0
 
LVL 30

Expert Comment

by:Marco Gasi
ID: 36478219
Sorry for misunderstanding :-)

if ($_SESSION['usertype'] != 'user') && ($_SESSION['usertype'] != 'admin') {
            
      header("Location:index.php");
      }
0
 
LVL 30

Expert Comment

by:Marco Gasi
ID: 36478227
You had an error in your syntax: you wrote && || and this should raise an error: be sure to set error_report(E_ALL);
while you are deplying your scripts (and to comment that lione once script is in production)

Cheers
0
 

Author Comment

by:encodeme
ID: 36478272
Hi Marqus,
I'm not sure why but it will not run.
I've checked it individually and it works eg.
if ($_SESSION['usertype'] != 'admin'){
	header("Location:index.php");
	}

Open in new window

But when I combine them it does not run.
Where should I place the
error_report(E_ALL);

Open in new window

0
 
LVL 30

Assisted Solution

by:Marco Gasi
Marco Gasi earned 60 total points
ID: 36478313
Place error_report(E_ALL); at the top of your script.

I was wrong again: replace && with ||

if ($_SESSION['usertype'] != 'user') || ($_SESSION['usertype'] != 'admin') {
           
      header("Location:index.php");
      }

If user is not user or if he is not admin then go away.

Cheers
0
 
LVL 27

Accepted Solution

by:
yodercm earned 80 total points
ID: 36478371
Try using more straightforward programming style:

$usertype = $_SESSION['usertype'];

if ($usertype != 'user'  &&  $usertype != 'admin')
  {
      header("Location:index.php");
  }


Makes it much easier to debug :)
0
 
LVL 34

Assisted Solution

by:Beverley Portlock
Beverley Portlock earned 80 total points
ID: 36478579
ALWAYS put an exit after a header/location or things will not work as you expect.


Yodercm said: "Try using more straightforward programming style:"

Well, if we are going THAT way.... ;-)

switch( $_SESSION['usertype'] ) {

      case 'admin':
      case 'user':
                      break;

       default:
                      header("Location: index.php");
                      exit;
}

0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 
LVL 108

Assisted Solution

by:Ray Paseur
Ray Paseur earned 30 total points
ID: 36479121
Maybe this design pattern will help.  You only need to add one column to the data base to know if a client is a "user" or an "admin."
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_2391-PHP-login-logout-and-easy-access-control.html
0
 
LVL 27

Expert Comment

by:yodercm
ID: 36480308
Hi endoceme,

Thank you for the points, but I really think you should share some of the points to the others who also tried to help you.  The solution given by marqusg was almost the same as mine, and bportlock's point about exit() and his suggestion for using CASE were excellent ones.  Even if mine is the one you used, they both put in some time and effort to help you.  

Why don't you request attention and ask the moderator to reset, then accept again sharing some of the points with those two people.

Cheers,
C.
0
 

Author Comment

by:encodeme
ID: 36480339
Hi yodercm,
I appreciate your sensitive  comments. As with coding ...I'm a begginer here.
I'll try and get the points distributed.
Thanks
encodeme
0
 

Author Closing Comment

by:encodeme
ID: 36484025
Phew ... hope that's an acceptable point distribution.
Once more thanks for all the help.
:)
0
 
LVL 30

Expert Comment

by:Marco Gasi
ID: 36484042
lol, hope you're not too tired after having thought on how to distribute points :-) Thanks for them and thanks to yodercm also: you're always extremely correct.
0
 
LVL 34

Expert Comment

by:Beverley Portlock
ID: 36484094
Thanks Yodercm and  encodeme.

0
 
LVL 27

Expert Comment

by:yodercm
ID: 36484783
Good job, endoceme :)
0
 
LVL 27

Expert Comment

by:yodercm
ID: 36484787
And if I could only spell, I'd say

Good job, encodeme :)
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

This article discusses how to create an extensible mechanism for linked drop downs.
Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now