Thought I should put the code in here...
<?php require_once('Connections/PathTo.php');?>
<?php require_once( "WA_SecurityAssist/Helper_PHP.php" ); ?>
<?php
if($_SERVER["REQUEST_METHOD"] == "POST"){
$WA_Auth_Parameter = array(
"connection" => $PathTo,
"database" => $database_PathTo,
"tableName" => "users",
"columns" => explode($WA_Auth_Separator,"emailaddress".$WA_Auth_Separator."password".$WA_Auth_Separator."orgcode"),
"columnValues" => explode($WA_Auth_Separator,"".((isset($_POST["username"]))?$_POST["username"]:"") ."".$WA_Auth_Separator."".((isset($_POST["userpassword"]))?$_POST["userpassword"]:"") ."".$WA_Auth_Separator."".((isset($_POST["userorgcode"]))?$_POST["userorgcode"]:"") .""),
"columnTypes" => explode($WA_Auth_Separator,"text".$WA_Auth_Separator."text".$WA_Auth_Separator."text"),
"sessionColumns" => explode($WA_Auth_Separator,"uid".$WA_Auth_Separator."userlevel".$WA_Auth_Separator."emailaddress".$WA_Auth_Separator."orgcode"),
"sessionNames" => explode($WA_Auth_Separator,"uid".$WA_Auth_Separator."userlevel".$WA_Auth_Separator."emailaddress".$WA_Auth_Separator."orgcode"),
"successRedirect" => "landing.php",
"failRedirect" => "dead.php",
"gotoPreviousURL" => TRUE,
"keepQueryString" => TRUE
);
WA_AuthenticateUser($WA_Auth_Parameter);
}
?>
The the internal pages have:
<?php require_once( "WA_SecurityAssist/Helper_PHP.php" ); ?>
<?php
if (!WA_Auth_RulePasses("everyone")){
WA_Auth_RestrictAccess("not-logged-in.php");
}
?>
However, like I said, while not logged in I can view the page and it displays everything, except the session stuff...
Any additional ideas?