我的mySQL数据库中有一个简单的成员表,其中包含以下字段: memberID,username,password,role 。
我希望在登录特定的角色时打印文本。我使用用户名进行了尝试,此处效果非常好:
<?php if ($_SESSION['username'] == 'Barbara') : ?>
<span>Hello Admin!</span>
<?php endif; ?>
但是当我尝试使用角色做同样的事情时,它不会打印任何内容。
<?php if ($_SESSION['role'] == 'admin') : ?>
<span>Hello Admin!</span>
<?php endif; ?>
可能是什么原因?
这是我的登录脚本:
<?php
require_once('includes/config.php');
if( $user->is_logged_in() ){ header('Location: memberpage.php'); }
if(isset($_POST['submit'])){
$username = $_POST['username'];
$password = $_POST['password'];
if($user->login($username,$password)){
$_SESSION['username'] = $username;
header('Location: memberpage.php');
exit;
} else {
$error[] = 'Wrong username or password or your account has not been activated.';
}
}
$title = 'Login';
require('layout/header.php');
?>
答案 0 :(得分:1)
你试试下面的代码
<?php session_start();
$_SESSION['name']='urname';
$_SESSION['role']='admin';
if($_SESSION['role']=='admin')
{?>
<span>your logged as a admin</span>
答案 1 :(得分:1)
使用新方法更新了User.php类,以根据用户名获取userData。您只需要使用一次用户名。执行(除非您想加载其他用户数据)
然后更新会话设置器以获取角色数据,并进行设置。
最佳乔纳斯
尝试使用以下内容更新您的User.php文件:
<?php
include('password.php');
class User extends Password{
private $_db;
private $_userData;
function __construct($db){
parent::__construct();
$this->_userData = null;
$this->_db = $db;
}
private function get_user_hash($username){
try {
$stmt = $this->_db->prepare('SELECT password FROM members WHERE username = :username AND active="Yes" ');
$stmt->execute(array('username' => $username));
$row = $stmt->fetch();
return $row['password'];
} catch(PDOException $e) {
echo '<p class="bg-danger">'.$e->getMessage().'</p>';
}
}
public function login($username,$password){
$hashed = $this->get_user_hash($username);
if($this->password_verify($password,$hashed) == 1){
$_SESSION['loggedin'] = true;
return true;
}
}
public function getUserData($username = null)
{
if( is_null( $this->_userData ) && is_null( $username ) )
{
return null;
}
if( !is_null( $this->_userData ) && is_null( $username ) )
{
return $this->_userData;
}
if( !is_null($username) )
{
try {
$stmt = $this->_db->prepare('SELECT username,role FROM members WHERE username = :username AND active="Yes" ');
$stmt->execute(array('username' => $username));
$this->_userData = $stmt->fetch(PDO::FETCH_OBJ);
return $this->_userData;
} catch(PDOException $e) {
echo '<p class="bg-danger">'.$e->getMessage().'</p>';
}
}
}
public function logout(){
session_destroy();
}
public function is_logged_in(){
if(isset($_SESSION['loggedin']) && $_SESSION['loggedin'] == true){
return true;
}
}
}
?>
然后,这样做:
<?php
require_once('includes/config.php');
if( $user->is_logged_in() ){ header('Location: memberpage.php'); }
if(isset($_POST['submit'])){
$username = $_POST['username'];
$password = $_POST['password'];
if($user->login($username,$password)){
$userData = $user->getUserData( $username );
// This is where you set your username session
$_SESSION['username'] = $username;
// Set your role session here aswell
$_SESSION['role'] = $userData->role;
header('Location: memberpage.php');
exit;
} else {
$error[] = 'Wrong username or password or your account has not been activated.';
}
}
$title = 'Login';
require('layout/header.php');
?>
答案 2 :(得分:-1)
您的会话只是存储用户名而非角色,您需要从数据库加载角色,即
<?php
$rUserInfo=mysql_query("select * from members where username='".addslashes($_SESSION['username'])."'");
if($aUserInfo=mysql_fetch_array($rUserInfo))
{
if($aUserInfo['role']=='admin')
{
?>
<span>Hello Admin!</span>
<?php
}
}
?>