<?php
if (isset($_POST["loginbtn"])){
$euser = $_POST["Emp_Username"];
$epassw = $_POST["Emp_Password"];
$check_user = mysql_query("select * from employee where Emp_Username = '".$euser."' and Emp_Password= '".$epassw."'");
if ($row=mysql_fetch_assoc($check_user)){
$_SESSION["loggedin"] = "true";
$_SESSION["eid"] = $row["Emp_ID"]; // keeps the member id in a session
header("location: profile.php"); // proceeds to the profile page
}else{
?>
<script type = "text/javascript">
alert("Invalid Username or Password");
</script>
<?php
}
}
?>
答案 0 :(得分:0)
我认为你的块代码中需要另一个if条件:
if (isset($_POST["loginbtn"])) {
$euser = $_POST["Emp_Username"];
$epassw = $_POST["Emp_Password"];
$check_user = mysql_query("select * from employee where Emp_Username = '".$euser."' > and Emp_Password= '".$epassw."'");
if ($row=mysql_fetch_assoc($check_user)) {
$_SESSION["loggedin"] = "true";
$_SESSION["eid"] = $row["Emp_ID"]; // keeps the member id in a session
if (in_array($row["position"], array("CEO", "Manager", "...")) {
header("location: profile.php"); // proceeds to the profile page
}
}
}
else { ?> alert("Invalid Username or Password");