?
Solved

Restricting access to page

Posted on 2013-01-22
4
Medium Priority
?
447 Views
Last Modified: 2013-01-24
Hi all,

I am using a PHPfox script and need to follow their syntax but am wondering how to restrict access to a page. The following code restricts access for only logged in users:

public function process() 
    {         
	phpfox::isUser(true);
    } 

Open in new window


I want to restrict it also so that the user must be logged in and must also be a member of a particular user group (let's say usergroups 1,2 and 3)

Here is how I got the value of the user's user group if they are logged in:

$username2 = Phpfox::getUserBy('user_group_id');

Open in new window


Can someone tell me how to put both of these together so that the user must be logged in and be a member of this page also?

Thanks,

D
0
Comment
Question by:TLN_CANADA
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 20

Expert Comment

by:Mark Brady
ID: 38809647
You need to do a check on their group id then decide to let them in or not. Without seeing the class I'm not sure what it does but basically, you assign the users group to a variable ($group or $groupid). Same thing for the logged in value. There will be something in that class to see if they are logged in. Assign them to variables then somewhere in your script you do a simple check. If they aren't logged in or in the right group you redirect them.

Logged in should be a bool value (true/false)

This must be done before any output to the browser so I would do it as soon as you instantiate the class object. For example let's say the groupid for this particular example is 123

if ($groupid != '123' || !$loggedin) {
    header("location: index.html"); // redirect them to whatever page you want
    die();
}
0
 

Author Comment

by:TLN_CANADA
ID: 38812228
Here is what I am trying at the moment but it is giving the error that there are too many redirects on the page:

public function process() 
    {      
    phpfox::isUser(true);
	
	$usergroup = Phpfox::getUserBy('user_group_id');
	if ($usergroup != '123' || !$loggedin) {
    header("location: index.html"); 
    die();
}
    }

Open in new window


Could you tell me how to phrase it in an if statement so that it only allows access if both conditions are true (logged in user and member of group 1-3)

Thanks so much,

Derek
0
 
LVL 20

Accepted Solution

by:
Mark Brady earned 2000 total points
ID: 38812431
Well you already have that logic there in this line

if ($usergroup != '123' || !$loggedin) {
 // redirect
}

You need to change the user group from '123' to the actual usergroup you are testing for. I put '123' as an example but I don't know what your user groups are named.

If a user must be in usergroup 1, 2 or 3 (replace the 1 2 3 with the actual usergroup ids or names) then you would test for them all like this...

if ($usergroup != 1 || $usergroup != 2 || $usergroup != 3 || !$loggedin) {
   // redirect here.....
}

You will need to make sure the $loggedin variable is set properly and I'm not sure how you get that information from your class.

I would remove the check for loggedin for now and just check for the user groups first. Once that is working then add the loggedin check.

Hope this helps
0
 

Author Closing Comment

by:TLN_CANADA
ID: 38816300
Thank you!
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Part of the Global Positioning System A geocode (https://developers.google.com/maps/documentation/geocoding/) is the major subset of a GPS coordinate (http://en.wikipedia.org/wiki/Global_Positioning_System), the other parts being the altitude and t…
Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
The viewer will learn how to dynamically set the form action using jQuery.
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question