Hello All, how are you ? Hope you’re all doing fine…if anybody would kindly help me out to figure this one, would be very appreciated.
Okay, so the question:
Using UserIdentity extends CUserIdentity, the user with usergroup of "admin" can sign in at the backend. But at the front-end, when someone is signed in at the backend, and I refresh the page at the frontend, it will immediately login the user who logged in at the backend, no matter if I am just a guest who is browsing the web, then I can edit and make anything that supposed to be confidential.
Using a plain php I usually separate the session, but this one ? how to do it using the CUserIdentity ? What I meant is a more yiish way to handle this issue ?
how have you setup your back-end…as a different module? Are you using different UserIdentity classes for back-end and front-end? Post some more info on your structure…and I might be able to help further