33 lines
608 B
PHP
33 lines
608 B
PHP
<?php
|
|
function checkLogin($levels)
|
|
{
|
|
if(!$_SESSION['logged_in'])
|
|
{
|
|
$access = FALSE;
|
|
}
|
|
else {
|
|
$kt = split(' ', $levels);
|
|
|
|
$query = mysql_query('SELECT Level_access FROM users WHERE ID = "'.mysql_real_escape_string($_SESSION['user_id']).'"');
|
|
$row = mysql_fetch_assoc($query);
|
|
|
|
$access = FALSE;
|
|
|
|
while(list($key,$val)=each($kt))
|
|
{
|
|
if($val==$row['Level_access'])
|
|
{//if the user level matches one of the allowed levels
|
|
$access = TRUE;
|
|
}
|
|
}
|
|
}
|
|
if($access==FALSE)
|
|
{
|
|
header("Location: login.php");
|
|
}
|
|
else {
|
|
//do nothing: continue
|
|
}
|
|
|
|
}
|
|
?>
|