close ad
 
Important WebAssist Announcement
open ad
View Menu

Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

rating

Where am i going wrong!?

Thread began 7/13/2015 4:15 am by russell298997 | Last modified 7/14/2015 9:10 am by Ray Borduin | 1304 views | 5 replies |

russell298997

Where am i going wrong!?

Trying to secure an area of pages on a site www.coverteachers.co.uk. Created a login page called teachers_register.php and that should log them in according to their last name and user id no from the database. should then send them to cover-resources-home.php.

in itself that works ok. But i wasnt all further accesible pages from therein to be secure (i.e. user must be logged in to view them. At the login stage i requested session variables for every database field, but when i try to call any of them on any page past log in i.e. i set a binding on the cover-resources-home.php page (<?php echo $row_rsMembers['MFirstname']; ?>), they dont appear.

I also tried to use the SecurePage function, telling it to compare the seesion value MCoverID (their unique username), with the recordset rsMembers, which is flitered by the same session variable. But nothing works. I cant see the session variables after the log in page and i cant create a rule that says @allow user access if logged in". I have attached the files relevant - is there any way you could point me in the right direction. I couldnt find a tutorial on setting up simple access rules and my access rules are based on the session variables anyway, and they dont seem to pass thru.

I/m sure I/m doing something fundamental wrong here!

Appreciate your help as ever!

Attached Files
WAFiles.zip
Sign in to reply to this post

Ray BorduinWebAssist

You should just secure the page with the "logged into users" rule.

You probably just have to start the session on the top of the page to start using the session variables defined. If you add the Restrict Access to page server behavior the session should automatically be started which should kill two birds with one stone.

To activate the session without applying the restrict access server behavior you can add this to the top of the page:

<?php
@session_start();
?>

Sign in to reply to this post
Did this help? Tips are appreciated...

russell298997

Originally Said By: Ray Borduin
  You should just secure the page with the "logged into users" rule.

You probably just have to start the session on the top of the page to start using the session variables defined. If you add the Restrict Access to page server behavior the session should automatically be started which should kill two birds with one stone.

To activate the session without applying the restrict access server behavior you can add this to the top of the page:

<?php
@session_start();
?>  


Thanks ray. Where do I find the 'logged in as user' rule?

Sign in to reply to this post

Ray BorduinWebAssist

If you apply the restrict access to page server behavior, that rule will be listed in the list of triggers.

Sign in to reply to this post
Did this help? Tips are appreciated...

russell298997

I'm using SecuirtyAssist via Databridge and there doesnt appear tobe a Restrict Access To Page option. I can only see Secure Page - but that was what I have already used that didnt work. i now have the session variables working ok. I set up the rule as per the screengrab which i thought was saying 'if MCoverID (the unique ID number for each member of the datatbase) is same as Session variable MCoverID then user is granted access'. But it wont accept it. ANy clues on whjat rule I should write? I just want this, and subsequent pages to be only available to users who have logged in to y resouirce-login.php page....?

Sign in to reply to this post

Ray BorduinWebAssist

Restrict access to page is applied through the pages manager.

Rules are applied through a function, which means there is a variable scoping problem when trying to use a recordset in a rule. You can save the value from the recordset into a session variable and then compare two session variables in the rule.

Sign in to reply to this post
Did this help? Tips are appreciated...

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now.  Build a store, a gallery, or a web-based email solution.

Want your website pre-built and hosted?

Close Windowclose

Rate your experience or provide feedback on this page

Account or customer service questions?
Please user our contact form.

Need technical support?
Please visit support to ask a question

Content

rating

Layout

rating

Ease of use

rating

security code refresh image

We do not respond to comments submitted from this page directly, but we do read and analyze any feedback and will use it to help make your experience better in the future.

Close Windowclose

We were unable to retrieve the attached file

Close Windowclose

Attach and remove files

add attachmentAdd attachment
Close Windowclose

Enter the URL you would like to link to in your post

Close Windowclose

This is how you use right click RTF editing

Enable right click RTF editing option allows you to add html markup into your tutorial such as images, bulleted lists, files and more...

-- click to close --

Uploading file...