Hi,
I use the Enterprise Edition of PHPRunner (8.0 Build 23504x64) including the online report/chart builder.
In my project there are different usergroups. One of them (admin) is marked as "Web Reports and Charts administrator".
Because I do not want to allow all groups to Webreport, I suppress the menu items in the event "Menu item: Modify" by $items_to_hide.....
This all works superb.
But since I have no EVENTS available for Webreport (or is it?), I can not prevent them from entering the program name (.../webreport.php) directly in the URL line and thus succumbed access for individual groups.
For example, (what I am missing) in event "before display":
if ( ( $_SESSION['gruppe'] <> "abc") and ($_SESSION['gruppe'] <> "def") )
{
// Logout
header("Location: login.php?a=logout");
exit();
}
Does anyone know a way to prevent this?
Maybe I'm on the wrong track...
Thank you
Taumic