Question

这是我在php中编写的第一个代码我遵循教程..我希望这段代码选择特权表中的所有字段，并检查登录用户的ID和他的访问级别但访问级别不会随每个登录用户而改变

我使用两个表之间的关系：特权表

+----------------------------------+
|  AccessLevel | logi_id  | pre_id |
|----------------------------------|
|      1       |    1     |   1    |
|      2       |    1     |   2    | 
|      4       |    2     |   4    |
+----------------------------------+

这是login_pre table：

+----------------------------------+
|  username| userpass | login_id   |
|----------------------------------|
|      a   |    123   |   1        |
|      a   |    123   |   1        | 
|      b   |   1234   |   2        |
+----------------------------------+

这是访问页面：

     <?php
        ob_start();
        session_start();
        include 'C:\xampp\htdocs\database\agtdatabase\agt_site\connection\connect.php';
        $query ="SELECT * FROM privilege " ;
        $result = mysqli_query($link,$query) or die('');

            while($row = mysqli_fetch_array($result, MYSQLI_ASSOC))
                    {
            $access = $row['AccessLevel'];

                echo $access; //result 124 in database

                        }

            if(isset($_SESSION['sessionloginid']))// point to id of user logged in
            {           
            echo $_SESSION['sessionaccess']=$access;// "that is print  wrong result " access level doesn't change based on user logged in 

            echo $_SESSION['sessionloginid'];

                    }

            ob_end_flush();
        ?>

这是登录页面：

        $username = $_POST['username'];
        $userpass = $_POST['userpass'];
        $loginid = $_POST['login_id'];


if($username && $userpass )
{
    $finduser = mysqli_query($link,"SELECT * FROM login_pre WHERE username = '".$username."' AND userpass = '".$userpass."'") or die("error");

    if(mysqli_num_rows($finduser) !=0)
        {

            while($row = mysqli_fetch_array($finduser))
                {$uname = $row['username'];
                $upass = $row['userpass'];
                $uloginid = $row['login_id'];
                }

        }

        if($username == $uname && $userpass == $upass  )
            {
                $_SESSION['sessionname'] =$uname;
            $_SESSION['sessionpass'] =$upass;
            $_SESSION['sessionloginid'] =$uloginid;

        echo $_SESSION['sessionloginid'];//result 124 of users

            }else header("location: login2.php");
ob_end_flush();

Answer 1

您的查询需要修改。添加条件以检索与当前access level匹配的$_SESSION['sessionloginid']。试试这个：

<?php
      if(isset($_SESSION['sessionloginid']))// point to id of user logged in
        {  
        $query ="SELECT * FROM privilege where logi_id='".$_SESSION['sessionloginid']."'" ;
        $result = mysqli_query($link,$query) or die('');
        while($row = mysqli_fetch_array($result, MYSQLI_ASSOC))
                {
        $access = $row['AccessLevel'];

            echo $_SESSION['sessionaccess']=$access;
            echo $_SESSION['sessionloginid'];
                    }
                }

        ob_end_flush();
    ?>

sessionloginid上的这段代码出了什么问题

1 个答案: