Restrict access to those above a certain security level AND that have a validated account
I'm pretty sure this is possible with WADB SA.. I just can't get it to work. ;)
I would like to restrict access to some pages based on a user having a security clearance above a certain level and they must have an activated account.
I have the security levels setup and working and dumped into a session value, and the account verification is also up and running and dumping the status into a session variable as well.
The issue is that only one of the two conditions needs to be true in order for the rule to pass (or so it seems.) This means that anyone with a verified account of any level can get to any areas as long as they pass the "activated" part of the rule and anybody can access the site if they have a security level, even if they are not activated.
How do I make both rules required to pass the check?
I hope that's as clear as mud. ;)