I have created a page where modorators (group 2) can have their own page to show whats going on, banned users etc. I want admin (group 1) to be able to access the page as well. The function im using is:
function mod_protect() {
global $user_data;
if (has_access($user_data['user_id'], 1, 2) === false) {
header('Location: index.php');
exit();
}
}
when i use just the mods group number (2) it works fine but when i try to put both in only 1 works??
Sorry has_access code:
function has_access($user_id, $type) {
$user_id = (int)$user_id;
$type = (int)$type;
return (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `user_id` = $user_id AND `type` = $type"), 0) == 1) ? true : false;
}
Based on your code, you could do this (though it would use two queries when one could easily be used - that is optimization for you to do though):
if (has_access($user_data['user_id'], 1) === false && has_access($user_data['user_id'], 2) === false) {
header('Location: index.php');
exit();
}
Might I suggest this as an alternative approach to your has_access() function:
function has_access($user_id, $type) {
$user_id = (int)$user_id;
if( is_array( $type ) {
$types = implode(',',$type);
return (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `user_id` = $user_id AND `type` IN ($types)"), 0) == 1) ? true : false;
else {
return (mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `user_id` = $user_id AND `type` = $type"), 0) == 1) ? true : false;
}
}
Doing this way allows you to either pass a single type to the has_access() function or pass an array of types to the same function.