我正在为我的用户制作一个仪表板。我按行列设置,每个等级都可以做自己的事情。现在,我有三个问题。一个和两个是关于形式,另一个是关于重定向问题。这些表单没有提交到数据库中,我不知道为什么。这两种形式如下。第三个问题是重定向。由于系统是按排名设置的,因此我不希望排名访问其他排名仪表板。它没有将其他排名从仪表板重定向到所有登录,当这些排名登录时,它会将它们重定向到正确的仪表板,但是如果说合作伙伴进入管理仪表板,它会让我们不想要它们。此外,我忘了提到当用户登录时,如果他们转到我不想要的登录URL,它会让他们回到登录页面,我希望它将它们重定向到仪表板。表格如下。
第一种形式:
<?php
$id = $_GET['id'];
$result = $db->query("SELECT * FROM users WHERE Id = '.$id.'");
if(isset($_POST['submit']))
{
$username1 = $_POST['username'];
$email1 = $_POST['email'];
$password1 = $_POST['password'];
$f_name = $_POST['f_name'];
$l_name = $_POST['l_name'];
$rank1 = $_POST['rank'];
$skype1 = $_POST['skype'];
$db->query("UPDATE users SET (Email, Username, FName, LName, Rank, SkypeID) VALUES(''.$email1.'', ''.$username1.'', ''.$f_name.'', ''.$l_name.'', ''.$rank1.'', ''.$skype1.'') WHERE Id = ".$id."");
}
?>
<?php
$id = $_GET['id'];
$result = $db->query("SELECT * FROM users WHERE id='$id'");
while($row = $result->fetch_assoc())
{
$username = $row['Username'];
$email = $row['Email'];
$fname = $row['FName'];
$lname = $row['LName'];
$rank = $row['Rank'];
$skype = $row['SkypeID'];
}
?>
<form method="POST">
Username: <input type="text" name="username" value="<?php echo ($username); ?>"><br>
Email: <input type="email" name="email" value="<?php echo ($email);?>"><br>
Passowrd: <input type="password" name="password"><br>
First Name: <input type="text" name="f_name" value="<?php echo ($fname);?>"><br>
Last Name: <input type="text" name="l_name" value="<?php echo($lname); ?>"><br>
Rank: <input type="text" name="rank" value="<?php echo ($rank); ?>"><br>
Skype: <input type="text" name="rank" value="<?php echo ($skype); ?>">
<button type="submit" name="submit">Update User</button>
</form>
第二表格:
<?php
if(isset($_POST['submit']))
{
$c_name = $_POST['c_name'];
$v_link = $_POST['v_link'];
$v_title = $_POST['v_title'];
$v_desc = $_POST['v_desc'];
$v_tags = $_POST['v_tags'];
$m_sources = $_POST['m_sources'];
$s_requests = $_POST['s_requests'];
if(empty($c_name) or empty($v_link) or empty($v_title) or empty($v_title) or empty($v_desc) or empty($v_tags))
{
echo 'You must fill in the first 5 fields.';
}
else
{
$getRank = $db->query("SELECT * FROM users WHERE username = ".$_SESSION['username']."");
while ($row = $getRank->fetch_assoc($getRank))
{
$usename = $row['username'];
$rank = $row['rank'];
}
$db->query("INSERT INTO submitted_forms (username, rank, channel_username, video_link, video_title, video_description, video_tags, music_sources, special_requests) VALUES (''.$username.'', ''.$rank.'', ''.$c_name.'', ''.$v_link.'', ''.$v_title.'', ''.$v_desc.'', ''.$v_tags.'', ''.$m_sources.'', ''.$s_requests.'')");
echo 'Form submitted successfully.';
}
}
?>
<form method="POST">
Channel name: <input type="text" name="c_name" required>*<br>
Video Link: <input type="text" name="v_link" required>*<br>
Video Title: <input type="text" name="v_title" required>*<br>
Video Description: <input type="text" name="v_desc" required>*<br>
Video Tags: <input type="text" name="v_tags" required>*<br>
Music Sources: <input type="text" name="m_sources"><br>
Special Requests: <input type="text" name="s_requests"><br>
<button type="submit" name="submit">Submit</button><br>
</form>
现在,下面是我用来将用户重定向到仪表板的代码(如果它没有仪表板)。它重定向未登录的用户,但不像其他用户那样重定向。它应该只允许管理员进入。
<?php session_start();
if(isset($_SESSION['admin']))
{
$_SESSION['username'];
} else {
header("location: ../index.php");
} ?>
现在,继承人登录脚本。如果他们登录,我希望它将队列重定向到仪表板,我不知道如何植入这个。
<?php
require 'core/config.php';
if(isset($_POST['submit']))
{
$username = $db->real_escape_string($_POST['username']);
$password = md5($_POST['password']);
if(empty($username) or empty($password))
{
echo 'You must fill in both boxes!';
} else {
$query = $db->query("SELECT * FROM users WHERE username = '".$username."'");
while($row = $query->fetch_assoc())
{
$dbpassword = $row['Password'];
}
if($password !== $dbpassword)
{
echo 'Password was incorrect.';
} else {
$query1 = $db->query("SELECT * FROM users WHERE username='".$username."'");
while($rows = $query1->fetch_assoc())
{
$rank = $rows['Rank'];
}
if($rank === 'admin')
{
$_SESSION['admin'] = '1';
$_SESSION['username'] = $username;
echo '<script>window.location="management/index.php";</script>';
}
elseif ($rank === 'partner')
{
$_SESSION['partner'] = '1';
$_SESSION['username'] = $username;
echo '<script>window.location="partner/index.php";</script>';
}
elseif ($rank === 'trainee')
{
$_SESSION['trainee'] = '1';
$_SESSION['username'] = $username;
echo '<script>window.location="trainee/index.php";</script>';
}
else
{
echo 'Account not found.';
}
}
}
}
?>
答案 0 :(得分:0)
在您的登录脚本中尝试此操作:
<?php
require 'core/config.php';
//assuming that you have already start your session at the very top
if(isset($_POST['submit']))
{
$username = $db->real_escape_string($_POST['username']);
$password = md5($_POST['password']);
if(empty($username) or empty($password))
{
echo 'You must fill in both boxes!';
} else {
$query = $db->query("SELECT * FROM users WHERE username = '".$username."'");
while($row = $query->fetch_assoc())
{
$dbpassword = $row['Password'];
}
if($password !== $dbpassword)
{
echo 'Password was incorrect.';
} else {
$query1 = $db->query("SELECT * FROM users WHERE username='".$username."'");
while($rows = $query1->fetch_assoc())
{
$rank = $rows['Rank'];
}
if($rank === 'admin')
{
$_SESSION['rank'] = $rank;
$_SESSION['username'] = $username;
echo '<script>window.location="management/index.php";</script>';
}
else if ($rank === 'partner')
{
$_SESSION['rank'] = $rank;
$_SESSION['username'] = $username;
echo '<script>window.location="partner/index.php";</script>';
}
else if ($rank === 'trainee')
{
$_SESSION['rank'] = $rank;
$_SESSION['username'] = $username;
echo '<script>window.location="trainee/index.php";</script>';
}
else
{
echo 'Account not found.';
}
}
}
}
?>
在您的management / index.php中或应该只允许管理员进入的页面中。
<?php session_start();
if(isset($_SESSION['rank']) and $_SESSION['rank'] == "admin")
{
$_SESSION['username'];
} else {
header("location: ../index.php");
} ?>
随着你的保存,你可能会忘记正确的引语:
<?php
if(isset($_POST['submit']))
{
$c_name = $_POST['c_name'];
$v_link = $_POST['v_link'];
$v_title = $_POST['v_title'];
$v_desc = $_POST['v_desc'];
$v_tags = $_POST['v_tags'];
$m_sources = $_POST['m_sources'];
$s_requests = $_POST['s_requests'];
if(empty($c_name) or empty($v_link) or empty($v_title) or empty($v_title) or empty($v_desc) or empty($v_tags))
{
echo 'You must fill in the first 5 fields.';
}
else
{
$getRank = $db->query("SELECT * FROM users WHERE username = '$_SESSION[username]'");
while ($row = $getRank->fetch_assoc($getRank))
{
$usename = $row['username'];
$rank = $row['rank'];
}
$db->query("INSERT INTO submitted_forms (username, rank, channel_username, video_link, video_title, video_description, video_tags, music_sources, special_requests) VALUES ('$username', '$rank', '$c_name', '$v_link', '$v_title', '$v_desc', '$v_tags', '$m_sources', '$s_requests')");
echo 'Form submitted successfully.';
}
}
?>