hello,
I have a secure area setup with sessions. it works fine detirmining if a user is logged in. Now i am going back and modifying my code to handle different user levels that i have set up.
This piece of code is the problem, and no matter what user level, it is performing a redirect.
if( ($userlevel != 'Super Soldier') || ($userlevel != 'Admin') )
{ header("Location: [url]http://location[/url]");
exit();
}
Does anything look wrong with this? I may be just tired and can't see the problem. User levels are displayed in comments below.
session_start();
$loggedin = isset($_SESSION['status']);
if($loggedin)
{ $username = $_SESSION['username'];
$userlevel = $_SESSION['userlevel'];
// userlevels - Super Soldier, Admin, Moderator, undefined, User, Viewer
}
elseif(!$loggedin)
{ // if session check fails, invoke error handler
header("Location: [url]http://error[/url]");
exit();
}
if( ($userlevel != 'Super Soldier') || ($userlevel != 'Admin') )
{ header("Location: [url]http://location[/url]");
exit();
}
I know the header location links are not valid, this board kept screwing up the correct links.
Any idea what i am doing wrong?
