No access to secured pages - and no info

I've been troubleshooting a problem for hours now...I have applied simple rules to pages, and I can log on, but even as Administrator, I cannot access ANYTHING that is under SecurityAssist.

Code in page, ltac.org/mainmembers/news.php

<?php require_once( "../WA_SecurityAssist/Helper_PHP.php" ); ?>
<?php
if (!WA_Auth_RulePasses("LTAC Members")){
WA_Auth_RestrictAccess("../AccessDenied.php");
}
?>

HelperGroup rules php rules:

<?php

function WA_Auth_GetComparisonsForRule($ruleName){
$comparisons = array();

switch ($ruleName){
case "Administrator":
$comparisons[0] = array(TRUE, "".((isset($_SESSION['userLevel']))?$_SESSION['userLevel']:"") ."", 1, "3");
break;
case "LTAC Members":
$comparisons[0] = array(TRUE, "".((isset($_SESSION['userLevel']))?$_SESSION['userLevel']:"") ."", 6, "1");
break;
case "Power Users":
$comparisons[0] = array(TRUE, "".((isset($_SESSION['userLevel']))?$_SESSION['userLevel']:"") ."", 6, "2");
break;
}
return $comparisons;
}


function WA_Auth_GetGroup($groupName){
$group = Array();

switch ($groupName){
}
return $group;
}

?>

You can see at LTAC_visitors_index.php

log in with dci user dci password (assigned level 3 Administrator)

Log in works, but the redirect to news.php works then denies access and goes to AccessDenied.php (as bad login would).

I cannot figure out what I am doing wrong here.

Also, can't find any log file to explain the error.

Thanks for any help possible. This has to be some basic problem I'm missing.

I can see what you mean, it looks like the rule for LTAC Members is failing. Are you setting the access level in the $_SESSION['userLevel'] variable? You need to ensure that it has the proper value in it. Also, when you crafted the rule how exactly did you set it up? Please post back with this info so we can check into this further with you.

Yes, the database table is set up properly. I'm looking to find any indication that, in the process of working with four different client security files (they just couldn't make up their mind) and naming the field userLevel and UserLevel if the system hasn't somehow got the wrong value in the lookup.

I don't know where to find that exactly. None of the security levels work...1, 2 or 3. They did work some days ago before another table switch for the client. I deleted files created by the Wizard and re-ran SecurityAssist; I re-loaded all of the objects in the SecurityAssist folder. Since then, authorization works for login but the user level is ignored.

I think I'll go back and delete all of the objects for SecurityAssist and re-run the wizard, then reload and see what happens. I think this is my problem, or mine along with Bill Gates. :)

Well, I've renamed the table field Sec_Level because I'm just not sure whether it was having a problem with User_Level vs. user_Level. I deleted WASecurityAssist folder and re-ran the Wizard, then reloaded the folder on the host. I set up the rules in exactly the same manner as before, as shown above in this thread.

I still cannot get it to recognize user levels. Are there any files outside of WASecurityAssist folder that affect this function? I frankly cannot find any reference in any code to "levels

I appreciate your kind assistance.

The rules and how they work are defined in the helper group rules page that you posted previously. If you can please post back with a copy of your current WA_SecurityAssist and a copy of a page that has the rule applied to it and a copy of your login page in a zip archive, I can do some testing to see what the problem might be.

If you can also post back with an example record from your table that might help to determine if there is a problem with the way you are setting up the experience.

Thanks for your assistance.

I started today by clearing everything and starting over...and it still has the problem.

The attachment is the SecurityAssist folder created today with an updated css and image subfolders.

I used the base login included, but also a copy of it as LTAC_visitors_index.php.

The news.php object is the login target page in subdirectory /mainmembers and I gave you the entire folder.

The permissions are:

Admin = 3
Power >= 2
members >=1

Here is also a snapshot of the Security_Master file structure.

User=admin
Pwd=cathyc

User Level is 3

your login page only creates a session named "Member_ID":

"sessionColumns" => explode($WA_Auth_Separator,"Member_ID"),

"sessionNames" => explode($WA_Auth_Separator,"Member_ID"),

the only rule you have created that uses the Member_ID session is the Logged in to Security_Master rule.

Well, the Security Assist Wizard created the page and the code. It then had me create the access rules.

Access is based on the User_Level field value of the Member_ID record, right?

What do I need to change in code to make this work?

my point is that the access rules you created use a session variable named "userLevel"

no session variable named userLevel is created when the user logs in.


perhaps it would help if you viewed the "User Level Authentication" tutorial in the solution recipe section of the security assist support page:
securityassist/