I am trying to make the page inaccessible unless the user has a specific permissionlevel and is a user of the system.
I have provided my code below.
<?php
session_start();
include 'login/config.php';
if($_SESSION['username']=='user' && $_SESSION['permissionlevel']!='one');{
echo "<script>you dont have permission to access this page</script>";
header:("location:dashboard.php");
}
?>
Where am I going wrong with the code?
EDIT:
Code modified with help of Neelesh, however it still isn't working.
I think you search for an ACL implementation or how its work. The Zend Framework has a good implementation of this. Look here: http://framework.zend.com/manual/current/en/modules/zend.permissions.acl.intro.html how its work.
regards
if suppose you have userroles like adminstrator and user
and permission levels one,two and three
based on this userrole and permission levels you can have check for that page if you are converting them into session while login
if($_SESSION['USERROLE']=='USER' && $_SESSION['PERMISSIONLEVEL']!='THREE')
{
echo "<script>you dont have permission to access this page</script>";
header:("location:index.php")
}
by this simple check you can give acces to a particular page if not redirect him to home page with an alert msg
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.