Hi everyone, I've done research and I can't seem to figure out what my code is doing. I know that session variables should change unless changing them or removing them. I don't think the issue is specific to the browser's back button either, because the variable in question doesn't seem to work when accessing another page forward; it just works on the home into another page, but when I access another page it doesn't seem to work.
I am building a custom CMS (it has to be custom, I already pondered all the other options). I'm basically doing an access control script. First I tried it by storing the user role or user type in the session as a variable, but it wouldn't work when pressing back or going a third page in. The variable is used to show menu links depending on the user type.
This is how I check for my session:
    $now = time();
    if (!isset($_SESSION)) {
        session_start();
    }
    if (!isset($_SESSION['session_user_name']) || $now - $_SESSION['session_start'] > 60*60) {
        header('Location:login.php');
        exit;
    } else {
        //$user_name = $_SESSION['session_user_name'];
        //$user_type = $_SESSION['session_user_type'];
    }
    require(CMS_ROOT.'/classes/acl.php');
    $user_role = new ACL();
    $user_type = $user_role->userRole;
This is my ACL class:
    class ACL
    {
        var $userID = 0;    //Integer : Stores the ID of the current user
        var $userRole = ''; //String : Stores the roles of the current user

        function __constructor($userID = '')
        {
            if ($userID != '')
            {
                $this->userID = floatval($userID);
            } else {
                $this->userID = floatval($_SESSION['session_user_id']);
            }
            $this->userRole = $this->getUserRole();
        }

        function ACL($userID='')
        {
            $this->__constructor($userID);
        }

        function getUserRole()
        {
            global $table_prefix;
            $user_id = $this->userID;
            $strSQL = "SELECT user_type FROM ${table_prefix}users WHERE user_id = $user_id";
            $data = mysql_query($strSQL) or die(mysql_error());
            $resp = 'null';
            $row = mysql_fetch_assoc($data);
            $resp = $row['user_type'];
            return $resp;
        }
    }
And this is the menu:
    <nav>
        <ul>
            <?php echo $user_type; if($user_type == 'administrator' || $user_type == 'manager'){?>
            <li><a href="<?php echo $cms_path; ?>/index.php">Home</a></li>
            <? } ?>
            <?php if($user_type =='administrator' || $user_type == 'manager'){?>
            <li><a href="<?php echo $cms_path; ?>/users/user_view.php" >Users</a></li>
            <? } ?>
            <?php if($user_type == 'administrator' || $user_type == 'manager'){?>
            <li><a href="<?php echo $cms_path; ?>/clients/client_view.php" >Clients</a></li>
            <? } ?>
            <li><a href="<?php echo $cms_path; ?>/albums/album_view.php" >Albums</a></li>
            <li><a href="<?php echo $cms_path; ?>/logout.php">logout</a></li>
        </ul>
    </nav>
I hope someone can help or steer me in the right direction.
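
An added example, not part of the original post: the role lookup from the ACL class above written with a bound parameter, plus a per-page server-side check that combines it with the post's one-hour session limit, so access does not depend on which menu links are shown. The function names `fetch_user_role` and `is_allowed`, the `cms_` prefix, the `client` role and the in-memory SQLite rows are assumptions made for the demo.

```php
<?php
// Added example, not the poster's code. Assumes PDO with the SQLite driver;
// the "cms_" prefix, the "client" role and the rows below are constructed.

// Look the role up by ID with a bound parameter; null when no user matches.
function fetch_user_role(PDO $pdo, string $prefix, $userId): ?string
{
    // A table prefix cannot be bound, so allow identifier characters only.
    if (!preg_match('/\A[A-Za-z0-9_]*\z/', $prefix)) {
        throw new InvalidArgumentException('bad table prefix');
    }
    // IDs are integers: reject anything else instead of coercing with floatval().
    $id = filter_var($userId, FILTER_VALIDATE_INT);
    if ($id === false || $id <= 0) {
        return null;
    }
    $stmt = $pdo->prepare("SELECT user_type FROM {$prefix}users WHERE user_id = :id");
    $stmt->execute([':id' => $id]);
    $role = $stmt->fetchColumn();           // false when the row is missing
    return is_string($role) ? $role : null;
}

// Decide on the server whether this session may load a page.
function is_allowed(PDO $pdo, string $prefix, array $session, array $roles, int $now): bool
{
    if (!isset($session['session_user_id'], $session['session_start'])) {
        return false;                       // not logged in
    }
    if ($now - $session['session_start'] > 60 * 60) {
        return false;                       // same one-hour limit as the post
    }
    $role = fetch_user_role($pdo, $prefix, $session['session_user_id']);
    return $role !== null && in_array($role, $roles, true);
}

// Constructed demo data in an in-memory database.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE cms_users (user_id INTEGER PRIMARY KEY, user_type TEXT)");
$pdo->exec("INSERT INTO cms_users VALUES (1, 'administrator'), (2, 'client')");

$now = time();
$sessions = [
    'fresh administrator' => ['session_user_id' => 1, 'session_start' => $now - 120],
    'fresh client'        => ['session_user_id' => 2, 'session_start' => $now - 120],
    'expired admin'       => ['session_user_id' => 1, 'session_start' => $now - 7200],
];
foreach ($sessions as $label => $s) {
    printf("%s: %s\n", $label, var_export(is_allowed($pdo, 'cms_', $s, ['administrator', 'manager'], $now), true));
}
```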