我正在尝试使用用户和管理员设置不同的访问但我无法弄清楚如何使它们看起来不同,我尝试在数据库上设置tinyint,其中1是管理员,0是用户,但我不知道我认为我做得对。 (你在其他地方找到了它的代码)所以如果有更好的方法,那么帮助将是最受欢迎的。先感谢您。
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Homeowners Association</title>
</head>
<?php
if ($_SESSION['validUser'] == "yes")
//is this already a valid user?
{
//turn off PHP and turn on HTML
?>
<h1>Display Events Admin Options</h1>
<p><a href="insertEvent.html">Input New Events</a></p>
<p><a href="selectEventsProtected.php">List of Events</a></p>
<p><a href="logout.php">Logout</a></p>
<?php //turn off HTML and PHP
}
else
{
if (isset($_POST['submitLogin']) )
//Was this page called from a submitted form?
{
$inUsername = $_POST['loginUsername'];
//pull the username from the form
$inPassword = $_POST['loginPassword'];
//pull the password from the form
include ('dbConnect.php');
//Connect to the database
$sql = "SELECT * FROM homeowners WHERE username = '" . $inUsername . "' AND password = '" . $inPassword . "'";
//this SQL command will only work if BOTH the username and password on the table
$result = mysqli_query($link,$sql) or die("SQL Error " . mysqli_error($link) . "<p>SQL String: $sql</p>" );
if (mysqli_num_rows($result) == 1 )
//If this is a valid user there should be ONE row only
{
$_SESSION['validUser'] = "yes";
//this is a valid user so set your SESSION variable
//turn off PHP and begin HTML
?>
<h1>Display Events Admin Options</h1>
<p><a href="insertEvent.html">Input New Event</a></p>
<p><a href="selectEventsProtected.php">List of Events</a></p>
<p><a href="logout.php">Logout</a></p>
<?php //turn off HTML and turn on PHP
}
else
//This is an invalid user not in the database
{
echo "<h3>Invalid username or password. Please try again.</h3>"; //sets error message
//display login form again with the error message.
//turn off PHP and begin HTML
?>
<form method="post" name="login" action="login.php" >
<p>Username: <input name="loginUsername" type="text" /></p>
<p>Password: <input name="loginPassword" type="password" /></p>
<p><input name="submitLogin" value="Login" type="submit" /> <input name="" type="reset" /> </p>
</form>
<?php //turn off HTML and turn on PHP
}//end of checking for a valid user
}//end of checking for a submitted page
else //This page was not submitted so the user needs to se the sign on form to continue
{
//display the login form in the area below
//turn off PHP and begin HTML
?>
<h1>Login to access website</h1>
<form method="post" name="loginForm" action="login.php">
<p>Username: <input name="loginUsername" type="text" /></p>
<p>Password: <input name="loginPassword" type="password" /></p>
<p><input name="submitLogin" value="Login" type="submit" /> <input name="" type="reset" /> </p>
</form>
<?php //turn off HTML and turn on PHP
}//ends if statement to check for form submit
}//end if checking for a valid user
//turn off PHP and begin HTML
?>
</body>
</html>
我尝试使用:
$query = mysqli_query("SELECT type FROM homeowners WHERE username = '$user'");
$gettype = mysqli_fetch_assoc($query);
if($gettype["type"] == 0){
echo("user");
}
elseif($gettype["type"] == 1){
echo("admin");
}
但我不太了解tinyint(我已设置类型)
答案 0 :(得分:1)
如果您使用tinyint没问题,但我更喜欢枚举来确定用户访问权限,因为它直接显示用户访问权限。不只是数字而且我必须再次记住1,2,3或者其他什么意思。
要显示管理页面或用户页面,您只需要一个$_SESSION变量来存储用户访问权限。
include 'dbConnect.php';
$query = mysqli_query($con, "SELECT type FROM homeowners WHERE username = '$user'");
$gettype = mysqli_fetch_assoc($query);
if($gettype["type"] == 0){
$_SESSION["userAccess"] = "user"
}
elseif($gettype["type"] == 1){
$_SESSION["userAccess"] = "admin"
}
并将其添加到if
if ($_SESSION["validUser"] == "yes") {
if($_SESSION["userAccess"] == "admin") {
//show admin stuff or admin page
} elseif ($_SESSION["userAccess"] == "user") {
//show user stuff or user page
}
}
如果您想使用session_start()
login.php和其他文件的代码顶部使用$_SESSION
<强>更新
看到我更新的答案。
你在mysqli_query()犯了错误,那个方法需要2个参数:
$query = mysqli_query($con, "YOUR_QUERY");
$con来自YOUR_DB_CONFIG_FILE.php。在您的情况下dbConnect.php