authorization

[eluser]Unknown[/eluser]
Hello,

Am quite new to this. I'm making a page with three different type of users. admin, customer and sales.

I made a model Login:

Code:

<?php
class Login extends model{
    
    function Login(){
        
        parent::Model();
        
    }
    
    function check($type_of_page){
        $this->load->library('session');
        $user_type= $this->session->userdata('user_type');
        
       if($user_type==$type_of_page){
        
        $session_id= $this->session->userdata('session_id');
        
        $this->db->where('session_id', $session_id);
        $this->db->from('ci_sessions');
        $number_of_results= $this->db->count_all_results();
        
        if($number_of_results>0 && $this->session->userdata('logged_in')){
           return TRUE;
        
        }
        else {
            
            redirect(login_check_failed);
            
            
            
        }
       }
    }
}
?>

And i want to lock a user to controllers that that type of user is allowed to see by calling
$this-Login->check('user_type') from the controller and redirect to a error page if the user is not allowed to access that page. I autoload the model Login.

Code:

<?php

class Apply extends Controller {

    

      function Apply(){

            parent::Controller();        

        $this->Login->check('admin');

      

        }

        

        function index(){

            //data till menyn    

            $this->load->helper('admin/menu');

            $this->load->helper('admin/apply');

            $data['menu']=getMenu("apply");

            $data['links']=getLinks();

            $this->load->view('/admin/header', $data);

            $this->load->view('/admin/footer');

        

    }
}

I get this error message when trying to run apply

A PHP Error was encountered

Severity: Warning

Message: Cannot modify header information - headers already sent by (output started at /opt/lampp/htdocs/gov/application/controllers/admin/apply.php:175)

Filename: libraries/Session.php

Line Number: 383

Since i run the login->check() from the top the headers should'nt have been sent? What am I missing?

[eluser]Merolen[/eluser]
Somewhere you might have a echo, print_r or something similar, at least that's by experience what's wrong 99,9% of the time. What ever is at that line "output started at /opt/lampp/htdocs/gov/application/controllers/admin/apply.php:175" might be a good place to start.

It happens when you print something to the screen before redirect()

[eluser]Unknown[/eluser]
yepp, empty lines after the end of the controller... thanks!

New problem though... It does not redirect when I'm not logged in as admin (or not logged in at all)... any suggestions?

[eluser]Merolen[/eluser]
Not sure here, but when you have logged in an entry is set in the database, but is it still valid with your current session id even after you logged out and it sees you as logged in? Should something be done with the database?

In the if/else comment out the redirect and to a extensive echo test on each variable Nothing is more fun than debugging :grrr:

Good luck :cheese: