Jump to content
Larry Ullman's Book Forums

Restrict Access To Pages


Recommended Posts

Hello,

 

I have been following the book and have set-up a login system but my only problem is even if users are not logged in if they manually type the name of a page it will load.

 

There is references in the book to restrict access but no examples, I have my links in the footer with user level control and that works fine. I have tried to restrict pages from loading but I have not been successful yet.

 

Any help would be nice.

 

~Antonia

Link to comment
Share on other sites

Ok, thanks Larry. I think I have sussed it and have attached the code so others can learn from it. Placed on every page that needs protecting and it appears to work very well :)

 

// If no session variable exists, or unauthorized user_level, redirect the user:
  if (isset($_SESSION['user_id']))
  {
  // if a valid user session is found then the user level is checked, if the
  // user has level 3 access they will be granted access if not a access denied
  //message be displayed and the user will be redirected.
	 if ($_SESSION['user_level'] == 3) {}

  else
  {
	header("Refresh: 3; url=index.php");
   echo '<h3>Access deined - you do not have access to this page</h3>';
   echo 'You will be redirected in 3 seconds';
   include ('includes/footer.html');
	exit(); // Quit the script.
  }  
  }
  // if no valid session is found then the user is not logged in and will
  // receive a access denied message and will be redirected to the login page.
  else if (!isset($_SESSION['user_id'])) {

  header("Refresh: 3; url=login.php");
  echo '<h3>Access deined - you do not have access to this page</h3>';
  echo '<p>You will be redirected in 3 seconds</p>';
  include ('includes/footer.html');
  exit(); // Quit the script.
  }  

Link to comment
Share on other sites

  • 3 years later...
 Share

×
×
  • Create New...