Two rules allowing access to two sets of pages
Not sure if that title explains my issue very well.
The set up is fairly straightforward - I have a set of pages that users can access to upload tour itineraries to a website. And also a second set of admin pages only accessible to site owners to perform administrative functions.
I've just noticed that when a user from either group is logged in, they can access the other group's pages. Obviously this should not be happening.
I suspect this may be my fault to a degree, as in both database tables the unique ID field is the same name - UserID.
Because of this, the session name has ended up being the same in each case, ie SecurityAssist_UserID.
If anyone could advise of the most painless and straightforward way to fix this that would be much appreciated. Thanks.