将用户限制在自己的页面并显示自己的项目

时间:2015-12-08 10:41:03

标签: php html mysql

我有一个登录脚本,其管理员已重定向到他自己的页面dashboardadmin.php。然后我有一个名为dashboarduser.php的页面。用户拥有自己的页面dashboarduser.php。当用户来dashboarduser.php时,它应该只显示他们的项目。现在它显示了所有项目。我创建了显示项目的omproject.php。所以我想要的是当用户登录时应该来dashboarduser.php并且只显示他们的项目。

index.php

<?php
        if (isset($_GET['error'])) {
            echo '<p class="error">Error!</p>';
        }
?> 
        <form action="includes/process_login.php" method="post" name="login_form">                      
          
		  <label for="email"> Email:</label> <input type="email" id="email" name="email" />
			
            <label for="password">Password: </label> <input type="password" 
                             name="password" 
                             id="password"/>
							 
			<input type="submit" 
                   value="Login"
                   onclick="formhash(this.form, this.form.password);" /> 
                   
</form>

process_login.php

<?php
include_once 'db_connect.php';
include_once 'functions.php';
 
sec_session_start(); // Our custom secure way of starting a PHP session.
 
if (isset($_POST['email'], $_POST['p'])) {
    $email = $_POST['email'];
    $password = $_POST['p']; // The hashed password.
 
    if (login($email, $password, $mysqli) == true) {
        // Login success 
        header('Location: ../dashboardadmin.php');
    } else {
        // Login failed 
        header('Location: ../index.php?error=1');
    }
} else {
    // The correct POST variables were not sent to this page. 
    echo 'Invalid Request';
}

?>

sql DB SQL DB

成员 项目 enter image description here

dashboarduser.php

$sql= "SELECT pid, project_name, image, image_type FROM project";

$result = $conn->query($sql);

if ($result->num_rows > 0) {
    while($row = $result->fetch_array()) {
		
        //$type= "Content-type:".$row['image_type'];
		//header ($type);
		echo "<form action='omprojekt.php' method='post'><button name='submit'>
            <div> 
                <img src=pic.php?pid=".$row['pid']." width=100px height=100px/>"." ".$row['project_name']."
            
            <input type='hidden' name='pid' value='".$row['pid']."'>
            <input type='hidden' name='project_name' value='".$row['project_name']."'>
            

            </div>
       </button></form>";
        
    }
}
    
else {
    echo "0 results";
}

omproject.php

<?php
    
$val = (isset($_POST['pid']) && isset($_POST['project_name'])) ? 
    "<img src=pic.php?pid={$_POST['pid']} width=100xp height=100xp/> {$_POST['project_name']}" : '';    
    
if(isset($_POST['submit'])){
    
echo "$val";
}
   
?>

1 个答案:

答案 0 :(得分:1)

项目表和用户表之间没有链接。您需要在项目表中添加一个列,该列引用拥有该项目的用户。我们暂时将该表命名为“user_id”。 登录后,您应该拥有登录用户的ID。您可以使用它来获取他们的项目。然后,要获取他们的项目,您可以使用以下SQL查询:

    $sql= "SELECT pid, project_name, image, image_type FROM project WHERE user_id =" . $loggedInUserId;