我想知道是否有人可以帮助我 - 我已经成功创建了一个登录系统,允许用户(学生)登录。我的系统还需要管理员登录,管理员有权查看学生的页面才不是。管理员和学生信息都来自两个不同的表。下面是我用于学生登录的代码(有两个不同的页面 - 用户和登录)。我被困在如何实施管理员登录。任何帮助表示赞赏! (管理员将使用'adminnum'和'adminpassword'登录。
的的login.php 的
<?php
include "core/init.php";
include "includes/content.php";
if (empty($_POST) === false) {
$studentemail = $_POST ['studentemail'];
$studentpassword = $_POST ['studentpassword'];
if (empty($studentemail) === true || empty($studentpassword) === true) {
$errors[] = "You need to enter an email address and password";
} else if (user_exists($studentemail) === false) {
$errors[] = "We can't find that email address. Have you registered?";
} else {
if (strlen($studentpassword) > 32) {
$errors[] = 'Password too long';
}
$login = login($studentemail, $studentpassword);
if ($login === false) {
$errors[] = 'That email/password combination is incorrect';
} else {
$_SESSION['studentid'] = $login;
header('Location: index.php');
exit();
}
}
} else {
$errors[] = 'No data received';
}
include "includes/overall/overall_header.php";
if (empty($errors) === false) {
?>
<h2> We tried to log you in, but...</h2>
<?php
echo output_errors($errors);
}
?>
<center><input id="submit" type="submit" value="Back" onclick="location.href='Login2.php'"></center>
<?php
include "includes/overall/overall_footerloggedout.php";
?>
的 users.php 的
<?php
function logged_in() {
return (isset($_SESSION['studentid'])) ? true : false;
}
function user_exists($studentemail) {
$studentemail = sanitize($studentemail);
$query = mysql_query("SELECT COUNT(`studentid`) FROM `student` WHERE `studentemail`
= '$studentemail'");
return (mysql_result($query, 0) == 1) ? true : false;
}
function studentid_from_student ($studentemail) {
$studentemail = sanitize($studentemail);
return mysql_result(mysql_query("SELECT `studentid` FROM `student` WHERE `studentemail` = '$studentemail'"), 0, 'studentid');
}
`function login($studentemail, $studentpassword) {
$studentid = studentid_from_student($studentemail);
$studentemail = sanitize($studentemail);
$studentpassword = md5($studentpassword);
return (mysql_result(mysql_query("SELECT COUNT(`studentid`) FROM `student` WHERE `studentemail` = '$studentemail' AND `studentpassword` = '$studentpassword'"), 0) == 1) ? $studentid : false;
}
?>
答案 0 :(得分:0)
我建议改变你的逻辑,从两个不同的表中提取用户和管理员。只在一个表中创建它们,但是所有用户都应该包含列flag
,例如,其中flag = 1是ADMIN,flag = 0是USER。
答案 1 :(得分:0)
所有我可以建议,因为我不是一个PHP编码器,但过去做过一些是在数据库中添加另一个字段,您将为用户设置权限级别(0表示普通成员,1表示管理员)。完成后,只需通过PHP编码将其添加到您的用户脚本,我几乎不知道。希望有所帮助。