我有一个非常简单的登录系统,一旦登录就会根据对各自“索引”文件的访问权限将该用户重定向。
我想要做的是在用户登录基本索引文件后显示用户详细信息。现在,我只能显示'用户名'
我希望能够显示多个会话回声,例如;
empid
firstname
lastname
等等......
这是我的DB Schema
Area
Company
date_activated
date_deactivated
email
empid
FirstName
FullName
groups
id
is_admin
is_deleted
LastName
last_login_ip
last_login_timestamp
manager
MobileNumber
password
record
status
username
我在哪里
这是从索引文件
输出的全部内容Username: SuperAdmin | EMPID: | First Name: | Last Name: |
的index.php
<?php require_once('../admin/pinAPP.php'); $pinAPP = new pinAPP( 'newhire', false, false, true ); ?>
<?php if ( $pinAPP->can_access() ) { ?><!-- New hire -->
<center>
<div class="panel">
<div>
<b> Username: <?= $_SESSION['username']; ?> |
EMPID: <?=$_SESSION['empid']; ?> |
First Name: <?=$_SESSION['firstname']; ?> |
Last Name: <?=$_SESSION['lastname']; ?> |
</b>
<br>
<br>
<p>Below you will find all the necessary information on needed for onboarding process.</p>
<br>
<br>
</div>
<?php } else {} ?>
访问
<?php
class Access {
private static $auth = false;
final public function __construct() {
if ( ! $this->is_logged() )
return false;
$u = new User();
$db = new DB();
$db->query("UPDATE `". DBPREFIX ."users` SET `last_login_timestamp` = '". time() ."' WHERE `id`='". $u->info()->id ."'");
}
///////////
final public function is_logged( $require_admin_access = false ) {
if ( ! isset($_SESSION[LOGINSESSION]) )
return false;
self::$auth = true;
if ( $require_admin_access ) {
$u = new User();
if ( ! $u->is_admin() )
new Redirect(DEFAULT_RETURN_URL);
}
return self::$auth;
}
//////////
final private function not_logged() {
$url = new URL;
if ( $url->this() != URL.'/' )
new Redirect(URL);
}
final public function logout( $goto = false ) {
if ( ! MULTI_LOGIN && MULTI_LOGIN_RESET_TIMER ) {
$u = new User();
$db = new DB();
$db->query("UPDATE `". DBPREFIX ."users` SET `last_login_timestamp` = '". (time() - SESSION_LIFETIME) ."' WHERE `id`='". $u->info()->id ."'");
}
unset($_SESSION[LOGINSESSION]);
$goto = ( $goto ) ? $goto : URL;
new Redirect($goto);
}
final public function login( $id, $url = false, $username,$empid,$firstname,$lastname ) {
$_SESSION[LOGINSESSION] = $id;
$_SESSION['username'] = $username;
$_SESSION['empid'] = $empid;
$_SESSION['firstname'] = $firstname;
$_SESSION['lastname'] = $lastname;
if ( $url )
new Redirect(urldecode($url));
else
new Redirect(URL);
}
//final public function login( $id, $url = false, $username ) {
// $_SESSION[LOGINSESSION] = $id;
// $_SESSION['username'] = $username;
//
// if ( $url )
// new Redirect(urldecode($url));
// else
// new Redirect(URL);
// }
final public function require_login() {
if ( ! self::is_logged(true) )
self::not_logged();
}
}
型号/登录
<!-- model/login -->
<?php
$error = ' ';
if ( Access::is_logged(true) )
new Redirect('../admin/?page=index');
if ( isset($_POST['username']) ) {
$sql = new DB();
$ip = $sql->secure($_SERVER['REMOTE_ADDR']);
$user = $sql->secure($_POST['username']);
$pass = md5($_POST['password']);
$u = $sql->sqls("SELECT `id`,`username`, `fullname`, `status`, `is_admin`, `last_login_ip`, `last_login_timestamp` FROM `". DBPREFIX ."users` WHERE `username`='$user' AND `password`='$pass'");
if ( ! $u )
$error = 'The login information is wrong! Please try again...';
elseif ( $u->status == 0 && $u->is_admin < 1 )
$error = 'The account is not activated!';
elseif ( $u->status == 2 && $u->is_admin < 1 )
$error = 'The account is LOCKED!';
elseif ( $u->status == 3 && $u->is_admin < 1 )
$error = 'The account is Deactivated!';
elseif ( ! MULTI_LOGIN && $u->last_login_ip != $ip && ($u->last_login_timestamp + SESSION_LIFETIME) > time() )
$error = str_replace('{%IP%}', $u->last_login_ip, MULTI_LOGIN_MESSAGE);
else {
$u = $sql->sqls("SELECT `id`,`username`,`empid`,`firstname`,`lastname` `fullname`, `status`, `is_admin`, `last_login_ip`, `last_login_timestamp` FROM `". DBPREFIX ."users` WHERE `username`='$user' AND `password`='$pass'");
$sql->query("UPDATE `". DBPREFIX ."users` SET `last_login_ip` = '". $ip ."', `last_login_timestamp` = '". time() ."' WHERE `username`='$user'");
Access::login(md5($u->username), $_REQUEST['return_url'], $_POST['username'], $_POST['empid'],$_POST['firstname'],$_POST['lastname']);
//$sql->query("UPDATE `". DBPREFIX ."users` SET `last_login_ip` = '". $ip ."', `last_login_timestamp` = '". time() ."' WHERE `username`='$user'");
//Access::login(md5($u->username), $_REQUEST['return_url'], $_POST['username']);
//$userRow = $sql->sqls("SELECT * FROM `". DBPREFIX ."users` WHERE `username`='$user'");
//Access::login(md5($u->username), $_REQUEST['return_url'],$userRow);
}
}
$this->add_option('error', $error);
我在哪里
我的index.php文件
<?php include('header.php'); ?>
<?php require_once('../admin/pinAPP.php'); $pinAPP = new pinAPP( 'newhire', false, false, true ); ?>
<?php if ( $pinAPP->can_access() ) { ?><!-- New hire -->
<center>
<div class="panel">
<div>
<b>Welcome {<?= $_SESSION['username']; ?>}{<?= $_SESSION['firstname']; ?>},<?= $_SESSION['lastname']; ?></b>
<br>
<br>
<p>Below you will find all the necessary information on needed for onboarding process.</p>
<br>
<br>
</div>
<?php } else {} ?>
<!-- -->
<?php include('footer.php'); ?>
我的访问类
<?php
class Access {
private static $auth = false;
final public function __construct() {
if ( ! $this->is_logged() )
return false;
$u = new User();
$db = new DB();
$db->query("UPDATE `". DBPREFIX ."users` SET `last_login_timestamp` = '". time() ."' WHERE `id`='". $u->info()->id ."'");
}
///////////
final public function is_logged( $require_admin_access = false ) {
if ( ! isset($_SESSION[LOGINSESSION]) )
return false;
self::$auth = true;
if ( $require_admin_access ) {
$u = new User();
if ( ! $u->is_admin() )
new Redirect(DEFAULT_RETURN_URL);
}
return self::$auth;
}
//////////
final private function not_logged() {
$url = new URL;
if ( $url->this() != URL.'/' )
new Redirect(URL);
}
final public function logout( $goto = false ) {
if ( ! MULTI_LOGIN && MULTI_LOGIN_RESET_TIMER ) {
$u = new User();
$db = new DB();
$db->query("UPDATE `". DBPREFIX ."users` SET `last_login_timestamp` = '". (time() - SESSION_LIFETIME) ."' WHERE `id`='". $u->info()->id ."'");
}
unset($_SESSION[LOGINSESSION]);
$goto = ( $goto ) ? $goto : URL;
new Redirect($goto);
}
final public function login( $id, $url = false, $username ) {
$_SESSION[LOGINSESSION] = $id;
$_SESSION['username'] = $username;
if ( $url )
new Redirect(urldecode($url));
else
new Redirect(URL);
}
final public function require_login() {
if ( ! self::is_logged(true) )
self::not_logged();
}
}
我的登录文件,用于获取用户详细信息。
<!-- model/login -->
<?php
$error = ' ';
if ( Access::is_logged(true) )
new Redirect('../admin/?page=index');
if ( isset($_POST['username']) ) {
$sql = new DB();
$ip = $sql->secure($_SERVER['REMOTE_ADDR']);
$user = $sql->secure($_POST['username']);
$pass = md5($_POST['password']);
$u = $sql->sqls("SELECT `id`,`username`, `fullname`, `status`, `is_admin`, `last_login_ip`, `last_login_timestamp` FROM `". DBPREFIX ."users` WHERE `username`='$user' AND `password`='$pass'");
if ( ! $u )
$error = 'The login information is wrong! Please try again...';
elseif ( $u->status == 0 && $u->is_admin < 1 )
$error = 'The account is not activated!';
elseif ( $u->status == 2 && $u->is_admin < 1 )
$error = 'The account is LOCKED!';
elseif ( $u->status == 3 && $u->is_admin < 1 )
$error = 'The account is Deactivated!';
elseif ( ! MULTI_LOGIN && $u->last_login_ip != $ip && ($u->last_login_timestamp + SESSION_LIFETIME) > time() )
$error = str_replace('{%IP%}', $u->last_login_ip, MULTI_LOGIN_MESSAGE);
else {
$sql->query("UPDATE `". DBPREFIX ."users` SET `last_login_ip` = '". $ip ."', `last_login_timestamp` = '". time() ."' WHERE `username`='$user'");
Access::login(md5($u->username), $_REQUEST['return_url'], $_POST['username'], $_POST['fullname']);
}
}
$this->add_option('error', $error);
感谢您的时间,感谢您的帮助。
-Levi
答案 0 :(得分:1)
首先改变这一点。 我的登录文件,用于获取用户详细信息。
更改我给出的内容
<!-- model/login -->
$u = $sql->sqls("SELECT `id`,`username`,`empid`,`firstname`,`lastname` `fullname`, `status`, `is_admin`, `last_login_ip`, `last_login_timestamp` FROM `". DBPREFIX ."users` WHERE `username`='$user' AND `password`='$pass'");
else {
$sql->query("UPDATE `". DBPREFIX ."users` SET `last_login_ip` = '". $ip ."', `last_login_timestamp` = '". time() ."' WHERE `username`='$user'");
Access::login(md5($u->username), $_REQUEST['return_url'], $_POST['username'],$u->empid,$u->firstname,$u->lastname);
}
我的访问类
final public function login( $id, $url = false, $username,$empid,$firstname,$lastname ) {
$_SESSION[LOGINSESSION] = $id;
$_SESSION['username'] = $username;
$_SESSION['empid'] = $empid;
$_SESSION['firstname'] = $firstname;
$_SESSION['lastname'] = $lastname;
if ( $url )
new Redirect(urldecode($url));
else
new Redirect(URL);
}
现在你可以回复这个
$_SESSION['username']
$_SESSION['empid']
$_SESSION['firstname']
$_SESSION['lastname']
请确保无论何时调用login方法,此参数都应该存在。