Can registered users see special part of pages than non registered users?

Hi everybody!

AU is a great class! I'm currently doing some tests, but I wasn't successfull in doing what I want.

Currently, the class can only protect whole page content to be displayed to none registered users.
I'd like to know if it is possible to use this class to protect part of pages and to display some information on public pages that can be seen by registered users only.
In other word, on a public page that everybody can access, can registered users view some part of the page that non-registered user can't?

Any clue are welcomed! 

Hi everybody!

AU is a great class! I'm currently doing some tests, but I wasn't successfull in doing what I want.

Currently, the class can only protect whole page content to be displayed to none registered users.
I'd like to know if it is possible to use this class to protect part of pages and to display some information on public pages that can be seen by registered users only.
In other word, on a public page that everybody can access, can registered users view some part of the page that non-registered user can't?

Any clue are welcomed! 

how about that:

Code:

<?php
if (isset($_SESSION['user'])) {
  echo "protected content";
} else {
  echo "unprotected content";
}

Oh great! This was so simple.
Thanks a million Olaf!

Oh great! This was so simple.
Thanks a million Olaf!

hehe, you're welcome

Here is my little contribution to this topic.
The script can display the name of the user, and I hope I didn't introduce security flaws:

Code:

<?php
include($_SERVER['DOCUMENT_ROOT']."/classes/access_user/access_user_class.php"); 

$this_user = new Access_user;
$logged_user = 0;
if(isset($_SESSION['user']) && $_SESSION['user'] != '') {
$this_user->user = $_SESSION['user'];
$this_user->user_pw = $_SESSION['pw'];
$this_user->get_user_info();
$hello_name = ($this_user->user_full_name != '') ? $this_user->user_full_name : $this_user->user;
$logged_user = 1;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Document sans nom</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
</head>
<body>
<?php
if($logged_user == 1) {
echo $hello_name.'<br />';
}
?>
<h1>Test page</h1>
<h2>Section 1</h2>
Content of section 1
<h2>Section 2</h2>
Content of section 2
<?php if($logged_user == 1) { ?>
<h2>Section 3 (Need authentication)</h2>
Content of section 3
<p><a href="<?php echo $_SERVER['PHP_SELF']; ?>?action=log_out">Click here to log out.</a></p>
<?php } else { ?>
<p><a href="login.php">Login</a></p>
<?php } ?>
</body>
</html>

Think about your code, its not unsafe but you're doing things twice

If I don't call:

Code:

$this_user->user = $_SESSION['user'];
$this_user->user_pw = $_SESSION['pw'];

juste before:

Code:

$this_user->get_user_info();

It gives me an error.
What do you suggest?

(BTW, the link to log out on this sample page is not valid because I forgot to paste the code to log out)

If I don't call:

Code:

$this_user->user = $_SESSION['user'];
$this_user->user_pw = $_SESSION['pw'];

juste before:

Code:

$this_user->get_user_info();

It gives me an error.
What do you suggest?

(BTW, the link to log out on this sample page is not valid because I forgot to paste the code to log out)

check the example page, the only thing you need to remove is the $page_protect->access_page(); method to switch off the redirect

Thank you, but when I do so,

Code:

$this_user->get_user_info();

doesn't get any response.
I can't retrieve the username without calling:

Code:

this_user->user = $_SESSION['user'];
$this_user->user_pw = $_SESSION['pw'];

before get_user_info();

Can you replicate this?

what happens if you use the example files only? do you changed code from the class file?

I've got the same problem when commenting out

Code:

// $page_protect->access_page();

on example.php

The only thing I changed in the code was the encoding to UTF-8 and the inclusion of my own connection script.

yes you're right keep this code.

but test this way:

Code:

<?php
$this_user = new Access_user;
$logged_user = 0;
if(!empty($_SESSION['user'])) {
  $this_user->user = $_SESSION['user'];
  $this_user->user_pw = $_SESSION['pw'];
  if ($this_user->check_user()) {
    $this_user->get_user_info();
    $hello_name = ($this_user->user_full_name != '') ? $this_user->user_full_name : $this_user->user;
    $logged_user = 1;
  }
}

[Guest]

[62.873]

Googlebot, Yahoo crawler, Msnbot