close ad
Help us test the new Databridge BETA with MySQLi support
open ad
View Menu

Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

rating

Access Check is not working as it should.

Thread began 11/04/2009 2:43 pm by larsentim278054 | Last modified 11/05/2009 8:15 am by larsentim278054 | 2015 views | 11 replies |

larsentim278054

Access Check is not working as it should.

Okay, this is a little confusing but here it goes..

If I'm logged into the site (a site that is using Security Assist's user registration wizard) - it's all working fairly well except for some minor details.

When I logout - I can go to the login screen, log in, and everything is fine.

BUT if I go to the members page that requires the user to be a registered user - it sends me to the login screen (like it should) BUT it adds the "access check" page as the awaiting verification page that it sends people to if they try to login but are not verified yet. Instead of just logging them in and going to the main members page. Is that confusing?

So in other words - I log out. I go to the members page (instead of logging in first). It brings me to the login screen. I login, but instead of sending me back to the members page (which is where I originally tried to goto), it sends me to the "awaiting verification" page instead (as if I'm not verified - although I am). I can go to the members page by typing it in my browser though, so it does know that I have the proper access, it just thinks that I want to go to the awaiting verification page for some reason (which is the access denied page if they aren't a registered user).

It's setup this way because I have to manually verify all new user registrations. And until I change their user level to the appropriate level, if they try to login, and they aren't a verified user, it goes to the awaiting verification page which tells them they need to wait a little longer. For some reason, if someone goes straight to the members page, without logging in first (and even though they are verified), it sends them to the login page, they log in, but instead of going to the members page, they go to the awaiting verification page for some reason. There's something wrong with the logic.

Sign in to reply to this post

Jason ByrnesWebAssist

Please send a copy of the login page so I can look at the code.

Sign in to reply to this post

larsentim278054

Here's the login page.

Attached Files
users_LogIn.zip
Sign in to reply to this post

Jason ByrnesWebAssist

I'd also like to look at thye code on the awaiting verification and members pages please.

Sign in to reply to this post

larsentim278054

Sure - here they are.

Attached Files
awaiting_verification.zip
membersindex.zip
Sign in to reply to this post

Jason ByrnesWebAssist

Right, I see the problem:



On the memembers index page yu have the following code:

php:
<?php require_once( "../WA_SecurityAssist/Helper_PHP.php" ); ?>

<?php
if (!WA_Auth_RulePasses("Verified Member")){
    
WA_Auth_RestrictAccess("../awaiting_verification.php");
}
?>




this checks if they are a verified member and sends them to the awaiting_verification.php page.


they are not logged in, so they cant be a verified member either ;)


on the awaiting_verification.php page you have the following:

php:
?php

if (!WA_Auth_RulePasses("Logged in to users")){
    WA_Auth_RestrictAccess("users_LogIn.php");
}
?>




they are not logged in so they are directed to the login page. Since the awaiting_verification.php page was the page that actyually sent them to the login page, it is page they get directed to.



on the members page, change the code:

php:
<?php

if (!WA_Auth_RulePasses("Verified Member")){
    
WA_Auth_RestrictAccess("../awaiting_verification.php");
}
?>




to:

php:
?php

if (!WA_Auth_RulePasses("Logged in to users")){
    WA_Auth_RestrictAccess("../users_LogIn.php");
}
?>
Sign in to reply to this post

larsentim278054

But that will let anyone that registers into the members page, won't it? I only want verified members on that page.

Sign in to reply to this post

Jason ByrnesWebAssist

OK, then use:
<?php
if (!WA_Auth_RulePasses("Verified Member")){
WA_Auth_RestrictAccess("../users_LogIn.php");
}
?>

Sign in to reply to this post

larsentim278054

Is it possible to have it so that registered but not verified users go to awaiting verification page?

Sign in to reply to this post

Jason ByrnesWebAssist

You have to first check if the are loged in, the check if the are verified:

php:
<?php

if (!WA_Auth_RulePasses("Logged in to users")){
    
WA_Auth_RestrictAccess("../users_LogIn.php");
}
?>
<?php
if (!WA_Auth_RulePasses("Verified Member")){
    
WA_Auth_RestrictAccess("../awaiting_verification.php");
}
?>
Sign in to reply to this post
loading

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now.  Build a store, a gallery, or a web-based email solution.

Want your website pre-built and hosted?

Close Windowclose

Rate your experience or provide feedback on this page

Account or customer service questions?
Please user our contact form.

Need technical support?
Please visit support to ask a question

Content

rating

Layout

rating

Ease of use

rating

security code refresh image

We do not respond to comments submitted from this page directly, but we do read and analyze any feedback and will use it to help make your experience better in the future.

Close Windowclose

We were unable to retrieve the attached file

Close Windowclose

Attach and remove files

add attachmentAdd attachment
Close Windowclose

Enter the URL you would like to link to in your post

Close Windowclose

This is how you use right click RTF editing

Enable right click RTF editing option allows you to add html markup into your tutorial such as images, bulleted lists, files and more...

-- click to close --

Uploading file...