[eluser]CroNiX[/eluser]
Actually, I think you code IS working, just not the way you are wanting it to.
You must realize that if a session variable is
not set, the session will return boolean false when checking for it, like $this->session->userdata('is_admin').
Quote:Note: The function returns FALSE (boolean) if the item you are trying to access does not exist.
so if "is_admin" is not present in the session array, which it won't be for a regular user, it will return boolean false, which is why your non-admin user can log in. It's your logic that is wrong.
Also, you should be using tripple === when checking for a boolean, so that "0" doesn't count as false. You need to explicitly check for the type.
Try:
Code:
if ($this->session->userdata('is_admin') !== TRUE)
which should only work if they are logged in and is_admin is set to boolean TRUE
If they aren't logged in, it will return FALSE (is_admin won't be set)
If they are logged in and is_admin is NOT set (regular user), it will return FALSE
If they are logged in and is_admin is set to FALSE, it will return FALSE (they are logged in but not admin)
if they are logged in and is_admin is set to TRUE, it will return TRUE. (they are logged in and are admin)
So, only allow if is_admin === TRUE, reject if is_admin === FALSE.