Logic issue - can't login on my own login system

Hi, :injured:

Here is the function that verifies the login:

public function verificaLogin($nivelAcesso = 0, $pURL = false)
    {
        //se nao houver variável de sessão setada ou se o nível de utilizador for menor que o nível de acesso:
        if (!isset($_SESSION['idUtilizador']) OR ($_SESSION['nivelUtilizador'] < $nivelAcesso))
        {
            // Destr&#243;i a sess&#227;o
            session_destroy();

            // e redirecciona para url
            if ($pURL)
            {
                Funcao::redirecciona($pURL);
            }

            $this->_msgErro = 'A p&#225;gina pretendida &#233; de acesso restrito ou a sua sess&#227;o expirou. Por favor, fa&#231;a login novamente.';

            return false;
        }
        else
        {
            return true;
        }
    }

Here is what I have on my restrict access page:


//aqui tem de estar o parametro ?msg
$login->verificaLogin(1, 'index.php?msg=erro');

The user level is 1 and the session is setted.

However, I’m getting the message:

A página pretendida é de acesso restrito ou a sua sessão expirou. Por favor, faça login novamente.

  • that is the error message defined on the function.

Is it a logic issue?
If not, what could this be?

Something to do with the return false and return true ?

Thanks in advance,
Márcio

Ok. I guess I found the place where the issue is, even if not WHAT exactly is causing it.

On the first restrict page, I have a conditional like so:

  
<?php if ($login->verificaLogin(2)) { ?>

            <h2>Associados</h2>

            <div><a href="AssociadoAdmin.php">Adicionar novo associado</a></div>
            

            <?php echo (isset($_GET['msg'])) ? '<div id="inserir-editar-sucesso"><span>O associado foi adicionado com sucesso.</span></div>':''; ?>
            <?php echo (isset($resultado['sucessoRemover'])) ? '<div id="inserir-editar-sucesso"><span>O associado foi removido com sucesso.</span></div>':''; ?>

            //something here

        <?php } ?>

So despite the fact that I can echo the variables once the page is started, I’m loosing them right after, when this conditional above:

<?php if ($login->verificaLogin(2)) { ?>

is checked ? Can I have your or anyone else help in order to properly understand what’s going on?

Thanks again,
Márcio

Thanks.

I have comment the redirect, and on my restrict page I have echoed the vars.

I’m getting undefined index on them. :s

I do have:
<?php session_start(); ?>

on the beginning…

Update 1: If I login with a user that as access level 2 the session of that user is preserved upon the following restricted pages.
Update 2: If I login with a user that as access level 1 the session is preserved when I go the first restricted page, but get’s lost when I try to access the second restricted page.

I have review and review again, and again, that second page were user level 1 loses the session and, at the beginning, I have exactly the same code as in the first page (where user level 1 as access with no problems).

I don’t mind to dig in of course, and try to find the cause, but I don’t even know were to look at on this case. Any advice, even remote would be appreciated.

Thanks again,
Márcio

Echo out your values of

$_SESSION[‘idUtilizador’] and $_SESSION[‘nivelUtilizador’]

and make sure you’ve set them correctly.