Hi I'm using drupal 6.5 and i have one major problem, the thing is i have users one my site, these users all belong to roles and depending on the role they belong to they are entitled to see certain things. I'm using Organic groups for the grouping...the site does display contents to users according to their role. the only problem is that when the users actually go and edit or manipulate the URL, they then see restricted pages. so my question is that is there a way to make sure that the users are not only restricted while on the site, but also when they try accessing pages through the URL.

Thanks

Comments

WorldFallz’s picture

First, if you're concerned about security you should update to d6.9 asap.

That said, did you verify you have the proper access control settings at admin/og/og_access ?

===
"Give a man a fish and you feed him for a day. Teach a man to fish and you feed him for a lifetime." - Lao Tzu
"God helps those who help themselves." - Ben Franklin
"Search is your best friend." - Worldfallz