这是我的checklogin.php
<?php
session_start();
ob_start();
$host="localhost"; // Host name
$username="root"; // Mysql username
$password="password"; // Mysql password
$db_name="lecturer"; // Database name
$tbl_name="members"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// Define $myusername and $mypassword
$myid=$_POST['myid'];
$mypassword=$_POST['mypassword'];
// To protect MySQL injection (more detail about MySQL injection)
$myid = stripslashes($myid);
$mypassword = stripslashes($mypassword);
$myid = mysql_real_escape_string($myid);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE ID='$myid' and password='$mypassword' LIMIT 1 ";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
$_session['myid'] = 'myid';
$_session['mypassword'] = 'mypassword';
$info = mysql_fetch_array($result);
if($info['id'] == 0){
header("location: webpage.php");
}
else if ($info['id'] == 100) {
header("location: lecturer_user.php?myid=$myid");
}
else if ($info['id'] == 102) {
header("location: lecturer_user.php");
}
else {
echo "Wrong Username or Password";
header ("refresh:5; url=main_login.php");
}
}
ob_end_flush();
?>
<html>
<body>
<table>
<th><a href="main_login.php?pressed=back">Back</a></th>
</table>
</body>
</html>
这是我的讲话_user.php
<?php
session_start();
echo "<a href=\"drop.php?myid=".$_SESSION['myid']."\">drop</a>";
?>
这是我的drop.php
<html>
<head></head>
<body>
<?php
$conn = mysql_connect('localhost','root','password');
mysql_select_db('lecturer');
$myid = $_GET["myid"];
$query = 'SELECT persons.ID , persons.FirstName , user_subject.subject
FROM persons
INNER JOIN user_subject
ON persons.ID = user_subject.ID
WHERE persons.ID = '.$myid.' ORDER BY user_subject.subject';
$result = mysql_query($query) or die(mysql_error());
?>
<table width="400" border="0" align="center" cellspacing="1" cellpadding="0">
<tr>
<td><form name="form1" method="post" action="">
<table width="400" border="0" cellpadding="3" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<td bgcolor="#FFFFFF"> </td>
<td colspan="4" bgcolor="#FFFFFF"><strong>Drop subject</strong> </td>
</tr>
<tr>
<td align="center" bgcolor="#FFFFFF">#</td>
<td align="center" bgcolor="#FFFFFF"><strong>ID</strong></td>
<td align="center" bgcolor="#FFFFFF"><strong>Subject</strong></td>
</tr>
<?php while($row = mysql_fetch_assoc($result)) { ?>
<tr>
<td align="center" bgcolor="#FFFFFF"><input type="checkbox" name="data[]" value="<?php echo $row['ID'];?>" /></td>
<td bgcolor="#FFFFFF"> <?php echo $row['ID']; ?> </td>
<td bgcolor="#FFFFFF"> <?php echo $row['subject']; ?> </td>
</tr>
<?php } ?>
<tr>
<td colspan="3" align="left" bgcolor="#FFFFFF"><input type="submit" value="Delete Checked Rows" /></td>
<td colspan="2" align="right" bgcolor="#FFFFFF"><a href="user_subject.php?pressed=subject">Back</a></td>
</tr>
<?php
if(isset($_POST['data'])) {
$del_query = "DELETE FROM user_subject WHERE ID IN (";
foreach($_POST['data'] as $data) {
$del_query .= "'" . (int) $data . "',";
}
$del_query .= "'')";
mysql_query($del_query) or die(mysql_error());
header("Location:" . $_SERVER['PHP_SELF']);
}
mysql_close()
?>
</table>
</form>
</tr>
</table>
</body>
</html>
我想要做的是当我以id = 100登录时,它将导致讲授_user.php?myid = 100 并且主要的问题是当我在讲座_user时我希望会话ID识别为id = 100,因此每个用户都有自己唯一的id 当我点击视图即test.php时,它会将其重定向为testing.php?myid = 100,这样我只能查看id = 100个主题,而不能查看其他主题。
我想要的是当用户ID 100登录时只能查看自己的个人资料。 谢谢
谢谢
答案 0 :(得分:1)
您正在设置
$_session['myid'] = 'myid';
使用
$_session['myid'] = $info['id'];
答案 1 :(得分:0)
登录成功时,将ID为登录用户的会话变量设置为:
$_SESSION['myid'] = $info['id'];
这样您就可以访问所有页面中的登录用户,直到您将其取消设置为
$_SESSION['myid'];
确保您在用户退出时不要忘记取消设置会话。
答案 2 :(得分:0)
试试这个
$_session['myid'] = $myid ;
$_session['mypassword'] = $mypassword ;
答案 3 :(得分:0)
在 checklogin.php 中将会话设置为:
$_SESSION['myid'] = $myid;
$_SESSION['mypassword'] = $mypassword;
同样从 lecturer_user.php 中删除session_start();,因为您已经在 checklogin.php