我正在尝试创建一个登录页面,该页面将根据用户的登录凭据将用户发送到不同的index.php页面。例如,如果具有“管理员”角色的用户登录,他们将被发送到“index.php”,如果具有“学生”角色的用户登录,他们将被发送到“学生/个人资料”。 php“page。
我看不出我的代码出了什么问题,但它正在运行......当我点击登录时,我正在收到“空白页面,会话永远不会出现”
假设用户名/密码已存储在数据库中
这是我的登录页面.php
<?php
//Start session
session_start();
if (isset($_POST['position'])) {
//do something with position
} else {
//position was not set, maybe give it a default value and use that
}
//Connect to mysql server
include('connect.php');
//Function to sanitize values received from the form. Prevents SQL injection
function clean($str) {
$str = @trim($str);
if(get_magic_quotes_gpc()) {
$str = stripslashes($str);
}
return mysql_real_escape_string($str);
}
//Sanitize the POST values
$login = clean($_POST['id']);
$password = clean($_POST['password']);
$position = clean($_POST['position']);
$result = mysql_query("SELECT * FROM user WHERE idnumber='$login' AND password='$password'");
while($row = mysql_fetch_array($result))
{
$position = $row['position'];
}
if ($position=='admin')
{
//Create query
$qry="SELECT * FROM admin WHERE idnum='$login' AND password='$password'";
$result=mysql_query($qry);
//while($row = mysql_fetch_array($result))
// {
// $level=$row['position'];
// }
//Check whether the query was successful or not
if($result) {
if(mysql_num_rows($result) > 0) {
//Login Successful
session_regenerate_id();
$member = mysql_fetch_assoc($result);
$_SESSION['SESS_MEMBER_ID'] = $member['id'];
session_write_close();
//if ($level="admin"){
header("location: admin/index.php");
exit();
}else {
//Login failed
header("location: loginform.php");
exit();
}
}else {
die("Query failed");
}
}
if ($position=='student')
{
//Create query
$qry="SELECT * FROM prereg WHERE idnumber='$login' AND password='$password'";
$result=mysql_query($qry);
//while($row = mysql_fetch_array($result))
// {
// $level=$row['position'];
// }
//Check whether the query was successful or not
if($result) {
if(mysql_num_rows($result) > 0) {
//Login Successful
session_regenerate_id();
$member = mysql_fetch_assoc($result);
$_SESSION['SESS_MEMBER_ID'] = $member['id'];
$_SESSION['SESS_FIRST_NAME'] = $member['idnumber'];
session_write_close();
//if ($level="admin"){
header("location: student/profile.php");
exit();
}else {
//Login failed
header("location: loginform.php");
exit();
}
}else {
die("Query failed");
}
}
if ($position=='Casher')
{
//Create query
$qry="SELECT * FROM casher WHERE idnumber='$login' AND password='$password'";
$result=mysql_query($qry);
//while($row = mysql_fetch_array($result))
// {
// $level=$row['position'];
// }
//Check whether the query was successful or not
if($result) {
if(mysql_num_rows($result) > 0) {
//Login Successful
session_regenerate_id();
$member = mysql_fetch_assoc($result);
$_SESSION['SESS_MEMBER_ID'] = $member['id'];
$_SESSION['SESS_FIRST_NAME'] = $member['idnumber'];
session_write_close();
//if ($level="admin"){
header("location: casher/index.php");
exit();
}else {
//Login failed
header("location: loginform.php");
exit();
}
}else {
die("Query failed");
}
}
if ($position=='teacher')
{
//Create query
$qry="SELECT * FROM teacher WHERE idnumber='$login' AND password='$password'";
$result=mysql_query($qry);
//while($row = mysql_fetch_array($result))
// {
// $level=$row['position'];
// }
//Check whether the query was successful or not
if($result) {
if(mysql_num_rows($result) > 0) {
//Login Successful
session_regenerate_id();
$member = mysql_fetch_assoc($result);
$_SESSION['SESS_MEMBER_ID'] = $member['id'];
$_SESSION['SESS_FIRST_NAME'] = $member['idnumber'];
session_write_close();
//if ($level="admin"){
header("location: teacher/index.php");
exit();
}else {
//Login failed
header("location: loginform.php");
exit();
}
}else {
die("Query failed");
}
}
?>
loginform.php
<?php
//Start session
session_start();
//Unset the variables stored in session
unset($_SESSION['SESS_MEMBER_ID']);
unset($_SESSION['SESS_FIRST_NAME']);
unset($_SESSION['SESS_LAST_NAME']);
?>
<html>
<head>
<title>
</title>
<link rel="stylesheet" href="css/main.css" />
<style type="text/css">
<!--
.ed{
border-style:solid;
border-width:thin;
border-color:#00CCFF;
padding:5px;
margin-bottom: 4px;
}
#button1{
text-align:center;
font-family:Arial, Helvetica, sans-serif;
border-style:solid;
border-width:thin;
border-color:#00CCFF;
padding:5px;
background-color:#00CCFF;
height: 34px;
}
-->
</style>
</head>
<body>
<div id="mainwrapper">
<div id="header">
<img src="images/amuni.jpg">
</div>
<div id="menu">
<ul>
<li>
<a href="index.php">Home</a>
</li>
<li>
<a href="loginform.php">Login</a>
</li>
<li>
<a href="pre_reg.php">Student Pre Registration</a>
</li>
<li>
<a href="aboutus.php">About Us</a>
</li>
<li>
<a href="help.php">Help</a>
</li>
<div class="clearfix"></div>
</ul>
</div>
<div id="main" style="padding:20px; text-align:justify; font-family:arial;">
<form action="login.php" method="post">
I.D. Number<br>
<input type="text" name="id" class="ed"><br>
Password<br>
<input type="password" name="password" class="ed"><br>
<input type="hidden" name="position" value="somevalue">
<input type="submit" value="Login" id="button1">
</form>
</div>
<div id="footer">
</div>
<div class="clearfix"></div>
</div>
</body>
</html>
$ postion变量是关于登录系统的人的决定性变量。
我将其声明如下
但页面仍未将用户带到指定的位置。
我不确定我是否正确地宣布了
$ position
和
<input type="hidden" name="position" value="somevalue">
任何输入Appreicated