Why is this page allowing access?
Have set up a log in page to admin back end pages, which is based on useremail and user password. that works fine. the "home" page for the users is teamhome.php. this page uses the session value TeamID, to populate the right club info.
i added a Restrict Access To Page behaviour and set up a rule called login2016. my rules were session value useremail = recordset value "email" and session value password = recordset field "password".
But if i try and access teampage.php without logging in it grants me access. it doesnt populate and club info as there is no session value, but i want it top refer me to the login page. what am i doing wrong?
have zipped what i guess are appropriate pages. thanks guys