Hi

I am in the process to building a CMS which has different functionality available for 2 levels of admin users (determined by access level during login)

I am trying to use the Advanced Conditional Region extension to hide links to restricted functionality from lower level admin staff but keeping these visible to a couple of higher level staff.

However i have no idea how to write an expression to do this and the support relating to hiding/showing dynamic items is extremely minimal.

I have created a session variable called 'access level' but this just shows or hides the same things irrespective of the which user (and access level) is logged in.

Please help - i am in a right old tangle

Thanks

i tend to use cookies rather than session variables just to aid the user and stop them from having to login time and time again but in essence the same applies.

You can use something like the following:

<% If Request.Session("access_level" = "1" then %>

Hidden content here for access level 1

<% end if %>

<% if Request.Session("access_level" = "2" then %>


Hidden content here for access level 2

<% end if %>

Of course with cookies you just have to Request.Cookies("access_lvel" etc

Hope that is what you were looking for


Regards

Vince Baker
<strong>DMX Zone Manager</strong>

[VBScript | ASP | HTML | CSS | SQL | Oracle | AS400 | ERP Logic | Hosting]

Thanks for the reply Vince

I think the problem seems to be that the access level assigned to each user isn't passing in from the login page. I have used a standard 'log in user' behaviour which is set to restrict access by username, password and access level (and this is set to the right field in the db).

I have a recordset in my show/hide page which is set to filter the access level by a session variable called MM_AccessLevel. When i test the recordset it returns the correct results.

I have the conditional region behaviour set applied to a hyperlink as follows: Session("MM_AccessLevel" &lt; "3"

But when i log on using id from an access level 1 user, they still see the link (just the same as when i log on with an access level 3 user) and if i change the expression .

The will be something glaring that i am doing wrong but i cant for the life of me see what.

Any help much appreciated

you could try to display the session variable on the page, at least this will tell you if it is being passed for sure.

&lt;%=Request.session("variable"%&gt;

Regards

Vince Baker
<strong>DMX Zone Manager</strong>

[VBScript | ASP | HTML | CSS | SQL | Oracle | AS400 | ERP Logic | Hosting]

Just dragged it out of bindings onto the page. Nothing prints to screen when i test the page so i'm guessing this is why the conditional region isnt working.

Any suggestions??

there must be an issue when the session variable is being created (or not as the case may be)

Can you post the code of the page where the sesion is created?

Regards

Vince Baker
<strong>DMX Zone Manager</strong>

[VBScript | ASP | HTML | CSS | SQL | Oracle | AS400 | ERP Logic | Hosting]

OK Vince

Here is the session being set:

&lt;%
Dim rsUsers__MMColParam
rsUsers__MMColParam = "0"
If (Session("MM_AccessLevel" &lt;&gt; "" Then
rsUsers__MMColParam = Session("MM_AccessLevel"
End If
%&gt;

Here is the query:

&lt;%
Dim rsUsers
Dim rsUsers_numRows

Set rsUsers = Server.CreateObject("ADODB.Recordset"
rsUsers.ActiveConnection = MM_uf_STRING
rsUsers.Source = "SELECT * FROM tblLogins WHERE access_level = " + Replace(rsUsers__MMColParam, "'", "''" + ""
rsUsers.CursorType = 0
rsUsers.CursorLocation = 2
rsUsers.LockType = 1
rsUsers.Open()
rsUsers_numRows = 0
%&gt;


Here is the conditional Region being applied in the html:

&lt;% if Session("MM_AccessLevel" = "3" then %&gt;
Add a new User to the Database
&lt;% end if %&gt;

Hope you can follow it.

Thanks

so this part checks the session variable against the table but there must be a page somewhere before this that actually creates the session variable

Regards

Vince Baker
<strong>DMX Zone Manager</strong>

[VBScript | ASP | HTML | CSS | SQL | Oracle | AS400 | ERP Logic | Hosting]

As far as i am aware - thats it!!

To test this I just defined a brand new site with just one file and a db - then set a session variable.

This is the recordset and the session variable:

&lt;%
Dim rsLogins__MMColParam
rsLogins__MMColParam = "1"
If (Session("MM_AccessLevel" &lt;&gt; "" Then
rsLogins__MMColParam = Session("MM_AccessLevel"
End If
%&gt;
&lt;%
Dim rsLogins
Dim rsLogins_numRows

Set rsLogins = Server.CreateObject("ADODB.Recordset"
rsLogins.ActiveConnection = MM_myCon_STRING
rsLogins.Source = "SELECT * FROM logins WHERE access_level = " + Replace(rsLogins__MMColParam, "'", "''" + ""
rsLogins.CursorType = 0
rsLogins.CursorLocation = 2
rsLogins.LockType = 1
rsLogins.Open()

rsLogins_numRows = 0
%&gt;

...and this is the session inserted in the page:

&lt;%= Session("MM_AccessLevel" %&gt;

There is nothing else except a .mno file inside a folder called _notes. This has this xml code inside:

&lt;info&gt;
&lt;infoitem key="UD_Session1" value="MM_AccessLevel" /&gt;
&lt;infoitem key="UD_sessionCount" value="1" /&gt;
&lt;/info&gt;

And that it - nothing else.