我有一个基于PHP / MySQL的网站,其中包含用于管理页面的成员页面和文件夹的文件夹。我想根据他们登录的方式将用户引导到不同的页面 - 作为成员或管理员(来自主用户页面) - 这是我尝试过的功能,但它不起作用。
如何编写适合此功能的函数?
function connectadmin($level) {
if ($level === "Administrator"){
include('admin/home.php');
}elseif ($level === "Member"){
include('member/home.php');
}
}
connectadmin($level);
答案 0 :(得分:2)
好吧,你应该重定向你的用户,而不是包含文件:
// At beggining of this file insert this line
// Start session
session_start();
function connectadmin($level) {
if ($level === "Administrator"){
// Set user role
$_SESSION['role'] = 'Administrator';
// Redirect user
header('Location: admin/home.php');
exit();
}elseif ($level === "Member"){
// Set user role
$_SESSION['role'] = 'Member';
// Redirect user
header('Location: member/home.php');
exit();
}
}
// $level should be something you retrieve from your Database for example
// And perhaps, should be 'Administrator' or 'Member' following your example
connectadmin($level);
重定向用户不要忘记验证登录用户是否可以访问重定向页面。
编辑:例如,如果您要验证用户是否是管理员并且可以访问页面admin / home.php,请执行以下操作:
// You should get from your database, some file or use sessions,
// in your function I have used sessions, so lets use them here too
// At beggining of your file use this
session_start();
// If user is not Administrator
if($_SESSION['role'] !== 'Administrator'){
// It's not admin, let redirect him to somewhere else or show him a Access not allowed page
header('Location: accessNotAllowed.php');
exit();
}