• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Session Issue

#1
[eluser]Wondering Coder[/eluser]
I have an issue in using session.

First of all I'm using DB session in CI and I have 2 panels which are the client/user panel and admin panel. Now my scenario is when I am currently logged in my client panel then try to go to my admin panel without logging out first in my client panel. I am able to view the content of my admin panel using the session cookie of the client user.

Code:
public function is_logged_in()
    {
        $is_logged_in = $this->session->userdata('is_logged_in');
        if(!isset($is_logged_in) || $is_logged_in != true)
        {
            echo 'You don\'t have permission to access this page. <a href="../">Login</a>';    
            die();        
            
        }        
    }

Any idea on how to solve this? or secure my application.

#2
[eluser]guidorossi[/eluser]
You will need different users groups like:
Group 1 for users
Group 2 for mods
Group 3 for admins

in a "gropus" table

and then

Code:
if(!$is_logged_in || $user_group < 2)
{
// not allowed
}


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2021 MyBB Group.