这是我在php中编写的第一个代码我遵循教程..我希望这段代码选择特权表中的所有字段,并检查登录用户的ID和他的访问级别 但访问级别不会随每个登录用户而改变
我使用两个表之间的关系: 特权表
+----------------------------------+
| AccessLevel | logi_id | pre_id |
|----------------------------------|
| 1 | 1 | 1 |
| 2 | 1 | 2 |
| 4 | 2 | 4 |
+----------------------------------+
这是login_pre table:
+----------------------------------+
| username| userpass | login_id |
|----------------------------------|
| a | 123 | 1 |
| a | 123 | 1 |
| b | 1234 | 2 |
+----------------------------------+
这是访问页面:
<?php
ob_start();
session_start();
include 'C:\xampp\htdocs\database\agtdatabase\agt_site\connection\connect.php';
$query ="SELECT * FROM privilege " ;
$result = mysqli_query($link,$query) or die('');
while($row = mysqli_fetch_array($result, MYSQLI_ASSOC))
{
$access = $row['AccessLevel'];
echo $access; //result 124 in database
}
if(isset($_SESSION['sessionloginid']))// point to id of user logged in
{
echo $_SESSION['sessionaccess']=$access;// "that is print wrong result " access level doesn't change based on user logged in
echo $_SESSION['sessionloginid'];
}
ob_end_flush();
?>
这是登录页面:
$username = $_POST['username'];
$userpass = $_POST['userpass'];
$loginid = $_POST['login_id'];
if($username && $userpass )
{
$finduser = mysqli_query($link,"SELECT * FROM login_pre WHERE username = '".$username."' AND userpass = '".$userpass."'") or die("error");
if(mysqli_num_rows($finduser) !=0)
{
while($row = mysqli_fetch_array($finduser))
{$uname = $row['username'];
$upass = $row['userpass'];
$uloginid = $row['login_id'];
}
}
if($username == $uname && $userpass == $upass )
{
$_SESSION['sessionname'] =$uname;
$_SESSION['sessionpass'] =$upass;
$_SESSION['sessionloginid'] =$uloginid;
echo $_SESSION['sessionloginid'];//result 124 of users
}else header("location: login2.php");
ob_end_flush();
答案 0 :(得分:0)
您的查询需要修改。添加条件以检索与当前access level
匹配的$_SESSION['sessionloginid']
。试试这个:
<?php
if(isset($_SESSION['sessionloginid']))// point to id of user logged in
{
$query ="SELECT * FROM privilege where logi_id='".$_SESSION['sessionloginid']."'" ;
$result = mysqli_query($link,$query) or die('');
while($row = mysqli_fetch_array($result, MYSQLI_ASSOC))
{
$access = $row['AccessLevel'];
echo $_SESSION['sessionaccess']=$access;
echo $_SESSION['sessionloginid'];
}
}
ob_end_flush();
?>