2

To view news section in my website you must be logged in (either as a regular account = login_user or admin = admin ) and you can see the uploaded news in chronological order. If you are not logged in as either conditions, direct to somewhere else. HOWEVER the code is thinking none of the conditions are met even when logged in with regular account or admin account and simply directing me elsewhere...

<?php
error_reporting(0);
session_start();
if(!isset($_SESSION['admin']) || !isset($_SESSION['login_user']))
{
?>
<div class = "api" style="position: absolute;
    top: 140px;
    right: 400px;
    width: 730px;
    height: 400px;word-wrap: break-word;">

<h2 align = "center"> <font color ="red"> You Do Not Have Permission To View this Page. </font> <br><br> Your Options Are: 
<br><br><br>
<a href="index.php"> Create and Register for A New Account </a> <br> <br> <br> OR <br> <br> <br> <a href="indexmember.php">Log In With An Existing Account. </h2>
</div>


<?php
}
elseif(isset($_SESSION['admin']) || isset($_SESSION['login_user']))
{
    include 'connect.php';
?>
<div class = "api" style="position: absolute;
    top: 10px;
    right: 220px;
    width: 1200px;
    height: 3200px;word-wrap: break-word;" id="easyPaginate">


<?php
$query = mysqli_query($con,"select * from news order by date DESC");
while($r = mysqli_fetch_array($query))
{
    ?>
    <section class="propertypage">
    <br> <br>
    <h4><?php echo "<b><u>Title</u>: </b>".$r['Title']; ?></h4>
    <h4><?php echo "<b><u>Detail</u>: </b>".$r['story']; ?></h4>
    <h4><?php echo "<b><u>Published Date</u>: </b>".$r['DATE']; ?></h4>
    <img src="<?php echo $r['image']; ?>" height="600px" width="1200px"/>
    <br> <br> <br>
    </section>
<?php
}
?>
</div>

<?php
}
?>
Improve this question
1
  • The first if should be &&, not ||, now your testing "if your not an admin or if your not a regular user show register text Commented Jun 21, 2016 at 21:21

3 Answers 3

Reset to default
5

You want:

if(!isset($_SESSION['admin']) && !isset($_SESSION['login_user']))
    // ....

This is saying if the user isn't an admin and the user isn't a login user, then they must not have the privilege.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

@FelixFaal. Anytime. Remember to except the answer so you can gain points.
0

!isset($_SESSION['admin']) and !isset($_SESSION['login_user']) both or at least one of them will always be true, so the condition of the first if statement will always be true. If u r logged in as admin, u r not logged in as normal user and if u r logged in as normal user, u r not logged in as admin. I think this is the problem, hope it helps

Improve this answer

Comments

0

This is a logic problem.

if(!isset($_SESSION['admin']) || !isset($_SESSION['login_user']))

This means if the admin variable OR the user variable are not set you're going to redirect. If you have one set but not the other, it's still going to redirect.

if(isset($_SESSION['admin']) || isset($_SESSION['login_user']))

This will likely fix your problem. Not's and or's can be tricky sometimes. This conditional will make sure that if either the user or the admin sessions are set you're golden.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.