Hi,
I am working (again) on a small core modification to deny backend access for certain groups.
Why is this usefull?
For example, you want to allow some users interaction in frontend - like give them access to some restricted content..etc, but deny them to see backend theme (only to see, not to mess with priviledges..)
So, as I saw that $_Session[GROUP_ID] will be removed soon in 2.9, the other way to check for users group would be:
$groups_id = $admin->get_groups_id();
if(in_array('2', $groups_id)) {
die(header('Location: ../../index.php'));
}
Now, If I put this code below:
require('../../config.php');
require_once(WB_PATH.'/framework/class.admin.php');
$admin = new admin('Start','start');
$groups_id = $admin->get_groups_id();
if(in_array('2', $groups_id)) {
die(header('Location: ../../index.php'));
}
I do not get redirected
, the backend is visible (header and menu only)..
I was checking this with session variable before, and header redirection worked fine, any tips how can I solve this ?
cheers
