User level access
I have set up a group (USERS(2) & ADMINS(3)) which gives them their respective rights to the cpanel, but a also have another 2 levels Administrators(3) and Visitors(1) by itself
As I login as Users & Admins when go to pages that only administrators have rights, it sends me to the not_authorized.php page, but when I log out and hit the back page on the browser, it allows me to see the pages again.
If I login as Administrator, it gives all the rights to modify, add, etc. But when I log out and hit the back page on the growser, it also allow me to see the pages again, except that it only allows the same rights as the Users & Admins, to see and search.
On both cases it should not allow me back into the cpanel at all. I also clear the browser cash and it still allows me to get back into cpanel and visualize the the Users & Admins pages. It's weird. I've done other sites and looked over the code and it's all the same and on this one it gives me that problem.
Another question: Someone already had posted previously but I still didn't quite get it.
If you have everyone using the same Login page, administrators, members, users and perhaps visitors, can you redirect each person to their respective pages or directories, can you make a CASE inside of the login page to where you can give the option for each and every type of login.
Ex.
Case()
{
if (visitors = 1 goto VISITORSDIR/index.php
else)
if (users = 2 goto USERSDIR/index.php
else)
if (administrators = 3 goto ADMIN/index.php
else)
}
If something like that is not possible at the moment, can you people consider implementing it in the near future Security Assist Plug-In.
Your help is much appreciated,
thanks.