When a person logs into my site i need to check a value in a database for their roleid, and dependent on that i need to allow/deny access to a page.

I have this code but it says that the $_SESION variable 'Access' is undefined, i cant see why?

$email = mysql_real_escape_string($_POST['email']);
            $password = md5(mysql_real_escape_string($_POST['password']));

            $checklogin = mysql_query("SELECT * FROM person WHERE email = '" . $email . "' AND password2 = '" . $password . "'");

            if (mysql_num_rows($checklogin) == 1) {
                $row = mysql_fetch_array($checklogin);
                $roleid = $row['roleid'];

                $_SESSION['Email'] = $email;
                $_SESSION['LoggedIn'] = 1;
                $_SESSION['Access'] = $roleid;

                echo "<h1>Success</h1>";
                echo "<p>We are now redirecting you to the member area.</p>";
                echo "<meta http-equiv='refresh' content='2;index.php' />";
            } 

            else {
                echo "<h1>Error</h1>";
                echo "<p>Sorry, your account could not be found. Please <a href=\"index.php\">click here to try again</a>.</p>";
            }

This is where the undefined index error occurs:

if (!empty($_SESSION['LoggedIn']) && !empty($_SESSION['Email']) && $_SESSION['Access'] == '3')

To note--
I have used session_start() in my base.php which is included at the top of this file.

EDIT***
I have even tried just setting it to 3 but it says undefined still?

do a var_dump on the session variable, if it returns NULL that means it's undefined.

I know you said that you have session_start() declared above. also make sure that session_start() is declared everywhere else where $_SESSION is useds

ex: File1.php

session_start();
$_SESSION['foo'] = 'bar';

File2.php

session_start();
echo $_SESSION['foo']; //outputs: bar

I think the variable is definitively undefined, but why? shouldn't it be set with the above code?

Are the other $_SESSION variables defined?
If not, you are probable missing a session_start() somwhere or your query is invalid.

Yeah, the other variables are defined and work.

Try putting something else then $_SESSION like $_SESSION.
Maybe Access isn't allowed by PHP

Member Avatar for Zagga

Are you sure $roleid is being pulled from the database correctly? Try echoing it before you set it as the session variable to check.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.