3 {{ upvoteCount | shortNum }}
3 {{ upvoteCount | shortNum }}

Need help with login area/sessions

by goliathseo
2 replies
Ok, here goes...

I have created a set of scripts that will log someone in and direct them to the proper area of the site.

I.e. sysadmin -> admin area and a regular user -> front end protected area

This is all well and good. I had a client request to view the front end as the admin and thus copied the front end scripts to the admin area of course changing the permissions on the new pages to only allow for their login...

Now here is where my problem is...

When viewing the front end as a regular user everything showes up fine in regards to images and so on, but when viewing the exact same scripts copied into the admin area the scripts do not pick up on the recently added content therefore the front end shows new content where the back end is showing nothing was added.

So What I am wondering is how do I go about giving the admin access to the front end without breaking the session in the back end? I want the admin to be able to log into the back end and click a link to the protected front end.

I currently have code like this protecting each page

PHP Code:
session_start();
if($_SESSION['is_logged_in']!='1'){
  header("Location: recipes.php");
I have also tried the following but with the admin having to log in each time the page was viewed.

PHP Code:
session_start();
if($_SESSION['is_logged_in']!='1' || $_SESSION['is_logged_in']!='2'){
  header("Location: recipes.php");
Any suggestions would be appreciated.
#area or sessions #login
  • Profile picture of the author m4rx
    I am a little bit confused.
    So this is what I got. As a regular user, the front end is fine. Now question, does it also look find when you are logged in as an admin, or does this not apply.

    On the backend, is it just a static page that you copied, or is it the real code. If so, you may have a problem with the code because it changed directories.

    What I don't understand is the sessions that you have.
    If is_logged_in is not = 1 or 2, then the user is an admin. Maybe it's me but that seems like bad practice. I would use a database instead of sessions to handle user login's. If not then I would make it where if an admin is logged in, then 'user_is_admin' is true(1).

    If I am missing something, please correct me, as I would love to help you on your issue.

    Regards
    --m4rx
    Signature
    We are what we repeatedly do. Excellence, then, is not an act, but a HABIT. ~Aristotle
    Bored. Learn everything you need to know about Organic Gardening.
    {{ DiscussionBoard.errors[1642478].message }}
  • Profile picture of the author CarloD.
    Hey,

    Looks like you are trying to do a check? if it's not 1 send em off?

    Here's what I use as a header file

    Code:
    ob_start();
session_start();
if (isset($_SESSION['username'])) {
    $username = $_SESSION['username'];
    $loggedin = true;
} else
    $loggedin = false;
    And heres what I call on the page I want to protect

    Code:
    //Members Page
include ("../inc/ad-member-functions.php");
include ("../inc/ad-member-header.php");
include ("../../inc/page-top.php");
if ($loggedin) {
//Members Page


----Content Here----

<!-- Members Page -->
  } else
header('Location: http://www.affiliatedeveloper.com/crash-course/ad-member-login.php');
                die("");
    In function.php I connect to the DataBase
    Signature

    {{ DiscussionBoard.errors[1646603].message }}

Trending Topics