1) This code uses the switch case concept. You cannot add an else statement to the switch .. case.
think of it as a switchboard.
the switch statement sets a variable to be used for comparison. the case statement sets an action to be performed if the comparison variables matches the case value.
the code:
switch($_SESSION['userLevel']) {
case "1":
header("Location: admin_index.php");
break;
case "2":
header("Location: clients_index.php");
break;
}
could also be written using if... else, but switch... case is more efficient:
<?php
if($_SESSION['userLevel'] == "1") {
header("Location: admin_index.php");
} elseif($_SESSION['userLevel'] == "2") {
header("Location: clients_index.php");
}
?>
to add a third scenario to the switch... case code, you just need to add another case statement:
switch($_SESSION['userLevel']) {
case "1":
header("Location: admin_index.php");
break;
case "2":
header("Location: clients_index.php");
break;
case "3":
header("Location: admin_index.php");
break;
}
2) Redirecting back to the previous page is not done using a session variable. when you access a proteced page, it redirects to the login page with a querystring varaible that contains the path to the protected page named "accesscheck":
users_login.php?accesscheck=%2Fsculptortocms%2Fadmin_cms%2Findex.php%3F
just make sure that the action of the login form on the login page is set to pass any existing querystreing variables by using this code for the action attribute:
action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?><?php echo (isset($_SERVER["QUERY_STRING"]) && $_SERVER["QUERY_STRING"] != "")?"?".htmlspecialchars($_SERVER["QUERY_STRING"]):""; ?>"
