Content Access

2 posts by 2 authors in: Forums > CMS Builder
Last Post: November 17, 2023   (RSS)

By Dave - November 17, 2023

Hi Kenny, 

Can you try this?  I added a check at the top to make sure the user is logged in and some temporary debug code at the bottom to see what $CURRENT_USER is actually set to.

if (!@$CURRENT_USER['num']) {
  die("Not logged in"); 
} else if (@$CURRENT_USER['admin_access']) {
    // Admin can access any record
    $userAccessCondition = "1"; // Always true condition
} else if (@$CURRENT_USER['owner_access']) {
    // Regular owner can only access their own record
    $userAccessCondition = sprintf("createdByUserNum = '%s'", mysql_escapef($CURRENT_USER['num']));
} else {
    // Debug code
    echo "has owner_access: "; 
    echo @$CURRENT_USER['owner_access'] ? "true\n" : "false\n"; 
    showme($CURRENT_USER);

    // No access if neither admin nor owner
    die("Access Denied");
}

The code looks correct at first glance, so we want to check all the variable names match up and that $CURRENT_USER is defined.

Let me know what you find out.

Dave Edis - Senior Developer
interactivetools.com