Not restricting access as it's supposed to
I seem to be having one of those days today, a client has just called to say that the restricted pages and links on his site are viewable to all at the moment.
The Manufacturer and Distributor Links are enclosed in a SA Show region behaviour like so with a link to the helper file at the top of the page:
<?php if(WA_Auth_RulePasses("Distributor")){ // Begin Show Region ?>
<li><a href="/manufacturers/" title="Manufacturer List">Manufacturers</a></li>
<li><a href="/distributors/" title="Distributor List">Distributors</a></li>
<?php } // End Show Region ?>
and the pages have the following code
<?php require_once( "../WA_SecurityAssist/Helper_PHP.php" ); ?>
<?php
if (!WA_Auth_RulePasses("Distributor")){
WA_Auth_RestrictAccess("../login.php");
}
?>
My HelperGroupsRulesPHP.php looks like this
<?php
function WA_Auth_GetComparisonsForRule($ruleName){
$comparisons = array();
switch ($ruleName){
case "admin":
$comparisons[0] = array(TRUE, "".((isset($_SESSION['accessGroupID']))?$_SESSION['accessGroupID']:"") ."", 1, "1");
break;
case "Distributor":
$comparisons[0] = array(TRUE, "".((isset($_SESSION['accessGroupID']))?$_SESSION['accessGroupID']:"") ."", 4, "4");
break;
}
return $comparisons;
}
function WA_Auth_GetGroup($groupName){
$group = Array();
switch($groupName){
}
return $group;
}
?>
For the life of me I cannot figure out why the pages and links are not protected.