Roberto
Posts: 7
|
Posted: 05/17/2004, 1:27 AM |
|
Hi,
I'm having a problem with the security on a site with 2 user levels - one setup using the project builder from the outset ("user"), and the other ("coy") added afterwards by creating an extra ID level and setting the relevant pages and form elements to restricted.
The original user level security works fine and the additional "coy" security level allows access to the correct restricted pages and is blocked, correctly, from others. The problem arises when someone in the "coy" group tries to submit or update info, when they are immediately returned to the login page with a url ending in "illegalGroup":
eg. http://localhost/xc/coy/coydetails.php?ret_link=%2Fxc%2...pe=illegalGroup
This only happens in the "coy" group and happens even when only the page is restricted and not the forms in it. The correct session variable is maintained throughout.
I have chased round and round, created extra groups with different names, restricted and unrestricted pages and forms, checked that the session variables are correct and so on. I'm tearing my hair out!
Any help with this would be greatly appreciated.
|
|
|
Roberto
Posts: 7
|
Posted: 05/23/2004, 3:44 AM |
|
Solved by doing a workround. I used the option to give higher groups the access rights to lower groups, then hid the unwanted page links from the higher group.
|
|
|
|