我有一个问题:我需要让插入功能和 admin_list_students 只允许已登录的管理员访问这些功能或网页。同时,我需要让普通用户只能访问 user_list_students。目前,普通用户登录后也可以访问管理区域。我尝试过设置两个不同的登录页面,但用户登录后仍然可以访问管理页面。
student.php控制器
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
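/**
 * Student records controller: dashboard, listings and create/update/delete.
 *
 * Every action requires the 'is_logged_in' session flag. That flag proves
 * authentication only; see _is_logged_in() for the missing role check.
 *
 * NOTE(review): several actions redirect to 'student/list_students', but this
 * class defines only admin_list_students() and user_list_students(). Unless a
 * route maps that URI elsewhere, those redirects will 404 - confirm and point
 * them at the intended listing.
 */
class Student extends CI_Controller {

    /**
     * Loads the student model that every action below relies on.
     */
    function __construct()
    {
        parent::__construct();
        $this->load->model('login/student_model');
    }

    /**
     * Reports whether the session carries the 'is_logged_in' flag.
     *
     * NOTE(review): the login controller shown alongside this file stores the
     * same flag for every account, so it cannot tell an administrator from an
     * ordinary user. Admin-only actions (admin_list_students and the
     * insert/edit/update/delete actions) additionally need a role value that
     * is stored at login and compared here, e.g.
     * $this->session->userdata('usertype') === 'admin' once login stores it.
     *
     * @return bool
     */
    private function _is_logged_in()
    {
        return (bool) $this->session->userdata('is_logged_in');
    }

    /**
     * Renders the login form: the same three views index() falls back to.
     *
     * @return void
     */
    private function _show_login()
    {
        $this->load->view('login/header');
        $this->load->view('login/content');
        $this->load->view('login/footer');
    }

    /**
     * Builds the student row from the posted form fields.
     *
     * @return array
     */
    private function _student_fields()
    {
        // 'interest' is expected to be an array of values. When the field is
        // absent or not an array, store an empty list instead of handing
        // implode() something it cannot join.
        $interest = $this->input->post('interest');
        $interest = is_array($interest)
            ? implode(',', array_filter($interest, 'is_scalar'))
            : '';

        return array(
            'name'     => $this->input->post('name'),
            'address'  => $this->input->post('address'),
            'year'     => $this->input->post('year'),
            'gender'   => $this->input->post('gender'),
            'interest' => $interest,
            'status'   => 1,
        );
    }

    /**
     * Shows the dashboard, or the login form when nobody is logged in.
     *
     * @return void
     */
    public function index()
    {
        if ( ! $this->_is_logged_in())
        {
            $this->_show_login();
            return;
        }

        $this->load->view('header');
        $this->load->view('student');
        $this->load->view('login/footer');
    }

    /**
     * Inserts a student from the posted form and redirects to the dashboard.
     *
     * @return void
     */
    public function insert_student()
    {
        // This action used to run for anonymous requests as well.
        if ( ! $this->_is_logged_in())
        {
            $this->_show_login();
            return;
        }

        $result = $this->student_model->insert_student($this->_student_fields());

        if ($result == true)
        {
            $this->session->set_flashdata('msg', "Student Records Added Successfully");
        }
        else
        {
            // Fixed: the original called $this->seesion here, which fails
            // exactly when the insert has already failed.
            $this->session->set_flashdata('msg1', "Student Records Added Failed");
        }
        redirect('student');
    }

    /**
     * Lists students in the admin view.
     *
     * NOTE(review): gated on 'is_logged_in' only, so any logged-in account
     * reaches this page; see _is_logged_in().
     *
     * @return void
     */
    public function admin_list_students()
    {
        if ( ! $this->_is_logged_in())
        {
            $this->_show_login();
            return;
        }

        $data['student'] = $this->student_model->get_student();
        $this->load->view('header');
        $this->load->view('admin_list_of_students', $data);
        $this->load->view('login/footer');
    }

    /**
     * Lists students in the user view.
     *
     * @return void
     */
    public function user_list_students()
    {
        if ( ! $this->_is_logged_in())
        {
            $this->_show_login();
            return;
        }

        $data['student'] = $this->student_model->get_student();
        $this->load->view('header');
        $this->load->view('user_list_of_students', $data);
        $this->load->view('login/footer');
    }

    /**
     * Soft-deletes the posted student id by setting its status to 0.
     *
     * @return void
     */
    public function delete_student()
    {
        // This action used to run for anonymous requests as well.
        if ( ! $this->_is_logged_in())
        {
            $this->_show_login();
            return;
        }

        $id = $this->input->post('id');
        $result = $this->student_model->delete_student($id, array('status' => 0));

        if ($result == true)
        {
            $this->session->set_flashdata('msg1', "Deleted Successfully");
        }
        else
        {
            $this->session->set_flashdata('msg1', "Student Records Deletion Failed");
        }
        redirect('student/list_students');
    }

    /**
     * Shows the edit form for the student id taken from URI segment 3.
     *
     * @return void
     */
    public function edit_student()
    {
        // This action used to expose student records to anonymous requests.
        if ( ! $this->_is_logged_in())
        {
            $this->_show_login();
            return;
        }

        $id = $this->uri->segment(3);
        $data['student'] = $this->student_model->edit_student($id);
        $this->load->view('header', $data);
        $this->load->view('edit_student');
    }

    /**
     * Updates the posted student id with the posted form fields.
     *
     * @return void
     */
    public function update_student()
    {
        // This action used to run for anonymous requests as well.
        if ( ! $this->_is_logged_in())
        {
            $this->_show_login();
            return;
        }

        $id = $this->input->post('id');
        $result = $this->student_model->update_student($this->_student_fields(), $id);

        if ($result == true)
        {
            $this->session->set_flashdata('msg', "Student Records Updated Successfully");
        }
        else
        {
            $this->session->set_flashdata('msg1', "No changes Made in Student Records");
        }
        redirect('student/list_students');
    }
}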
?>
login.php控制器
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
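/**
 * Login controller: shows the form, checks credentials, opens and closes the session.
 */
class Login extends CI_Controller {

    /**
     * Sends a logged-in visitor to the student dashboard; otherwise renders
     * the login form.
     *
     * @return void
     */
    function index()
    {
        if ($this->session->userdata('is_logged_in'))
        {
            redirect('student');
        }
        else
        {
            $this->load->view('login/header');
            $this->load->view('login/content');
        }
    }

    /**
     * Returns the digest that is compared against the stored password.
     *
     * NOTE(review): unsalted MD5 is not a password hash; it is fast to brute
     * force and identical passwords share a digest. password_hash() and
     * password_verify() are the replacement, but switching needs the model to
     * fetch the row by username alone and the stored values to be migrated,
     * so the digest is left unchanged here.
     *
     * @param string $password
     * @return string
     */
    function __encrip_password($password) {
        return md5($password);
    }

    /**
     * Records the generic failure message and returns to the login form.
     *
     * @return void
     */
    private function _reject_login()
    {
        $this->session->set_flashdata('msg', 'Username or Password Incorrect');
        redirect('login');
    }

    /**
     * Checks the posted username and password against the database and, on
     * success, stores the account details in the session.
     *
     * @return void
     */
    function validate()
    {
        $this->load->model('login/login_model');
        $username = $this->input->post('username');
        $raw_password = $this->input->post('password');

        // Missing or array-valued fields (username[]=...) are a failed login;
        // they must not reach md5() or the query builder.
        if ( ! is_string($username) || ! is_string($raw_password))
        {
            $this->_reject_login();
            return;
        }

        $password = $this->__encrip_password($raw_password);

        if ( ! $this->login_model->validate($username, $password))
        {
            $this->_reject_login();
            return;
        }

        // validate() matched exactly one row. If it is gone by the time it is
        // fetched, treat that as a failed login rather than storing undefined
        // values in the session.
        $rows = $this->login_model->get_id($username, $password);
        if (empty($rows))
        {
            $this->_reject_login();
            return;
        }
        $row = $rows[0];

        // NOTE(review): the session id is not rotated before the login state
        // is stored. On CodeIgniter 3, call $this->session->sess_regenerate(TRUE)
        // here so an id fixed before login does not survive it.
        $data = array(
            'mobileno'     => $row->mobileno,
            'firstname'    => $row->firstname,
            'lastname'     => $row->lastname,
            'email'        => $row->email,
            'state'        => $row->state,
            'city'         => $row->city,
            'admin_id'     => $row->admin_id,
            'username'     => $row->username,
            // 'is_logged_in' is identical for every account, so it cannot
            // separate admins from users. The role is stored as well, read
            // from the 'usertype' column the answers on this page propose.
            // Until that column exists, every account is treated as 'user'.
            'usertype'     => isset($row->usertype) ? $row->usertype : 'user',
            'is_logged_in' => true,
        );
        $this->session->set_userdata($data);
        redirect('student');
    }

    /**
     * Destroys the session and returns to the login form.
     *
     * @return void
     */
    public function logout()
    {
        $this->session->sess_destroy();
        redirect('login');
    }
}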
login.php模型
<?php
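/**
 * Credential lookups against the 'membership' table.
 */
class Login_model extends CI_Model {

    /**
     * Checks whether exactly one membership row matches the credentials.
     *
     * @param string $username
     * @param string $password  Digest to compare with the stored value; the
     *                          login controller on this page passes md5() of
     *                          the posted password.
     * @return bool  True for exactly one match, false otherwise.
     */
    function validate($username, $password)
    {
        $this->db->where('password', $password);
        $this->db->where('username', $username);
        $query = $this->db->get('membership');

        // Call num_rows() rather than reading the num_rows property: the
        // property is only filled in as a side effect on some CodeIgniter
        // versions. Return false explicitly; the original fell off the end
        // and returned NULL on a failed match.
        return $query->num_rows() == 1;
    }

    /**
     * Fetches the full membership row(s) matching the credentials, used by
     * the login controller to fill the session.
     *
     * @param string $username
     * @param string $password  Same digest as passed to validate().
     * @return array  Result objects, one per matching row.
     */
    function get_id($username, $password)
    {
        $this->db->select('*');
        $this->db->from('membership');
        $this->db->where('password', $password);
        $this->db->where('username', $username);
        $query = $this->db->get();
        return $query->result();
    }
}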
答案 0 :(得分:0)
如果不同类型的用户都存放在同一张表中,就必须在数据库表中设置用户类型字段;用户登录时,除了其唯一ID之外,还要把用户类型保存到会话中,并且在授予访问权限时检查这个类型。
答案 1 :(得分:0)
您为用户和管理员设置了相同的会话值'is_logged_in',所以普通用户也可以查看管理页面。
将usertype添加为表格字段,当插入时添加为“admin”或“user”。
登录成功设置会话时,把该类型一并保存,例如 $this->session->set_userdata('usertype', $usertype)(其中 $usertype 是从该字段读出的值)
并检查为
$this->session->userdata('usertype') == 'admin'
或
$this->session->userdata('usertype') == 'user'
答案 2 :(得分:0)
您需要在 validate() 的 $data 数组中设置一个额外的值,例如 is_admin 。基于此参数,您可以控制对网站某些(certain)管理区域的访问,如下所示: 在 student.php 控制器中,
public function admin_list_students()
{
if($this->session->userdata('is_logged_in') and $this->session->userdata('is_admin'))
{ ...etc