user3026339
Reputation:
PHP - Authenticate with TWO session variables
I am trying to verify a client's membership level. I check two session variables; client username, and their level of membership.
What I want to happen:
- If the user's membership level does not match a level of 3, then they get booted back to the login page.
What actually happens:
- When I login as the user, who does not match the membership level of 3, they still see the content.
(Both variables are set when the user logs in, and I have verified that both session variables are strings.)
This is what I have currently:
<?php
session_start();
if (!isset($_SESSION['username']) && $_SESSION['level'] == "3") {
$_SESSION['msg'] = "You have an incorrect membership level";
header('location: ../auth/client_login.php');
}
?>
Am I missing something simple, or is this the wrong way to go about checking two session variables? Thank you for your time in advance.
Upvotes: 1
Views: 83
Answers (1)
user3026339
Reputation:
If anyone else stumbles upon this post, I spotted the error that @FunkFortyNiner posted above in my initial question. I fixed it by implementing a trivial fix:
if((isset ($_SESSION['username'])) && ($_SESSION['level']!=3)
Upvotes: 1
Related Questions
- Using sessions & session variables in a PHP Login Script
- Combining HTTP Authentication and PHP Sessions?
- verifying two session variable upon log in
- Is my session management right?
- PHP session for user authentication
- creating two different sessions in PHP
- Using session to Authenticate in PHP
- Alternative to using Session Variables for Authentication
- PHP $_SESSION Implementation