在登录时将特定用户ID重定向到特定页面

时间:2016-06-24 13:27:51

标签: php mysql

数据库中有一个特定用户,我想在登录时将其重定向到特定页面:

$query = mysql_query("select * from login where password='$password' AND username='$username'", $connection);
$rows = mysql_num_rows($query);
//But not working
if ($rows == 1 && $id== 4) { 
    header("location: viewdemo.php"); // ID 4 Redirecting To this Page
} 
elseif($rows == 1) {
    header("location: view.php"); // Any other user To this Page
}   
else {
    $error = "Username or Password is invalid";
}
// Closing Connection
mysql_close($connection);
}

我知道我错了的部分是:

if ($rows == 1 && $id== 4)

1 个答案:

答案 0 :(得分:1)

你会想要做一些利用函数(或类,但这可能超出你现在能够做的事情)的事情

<强> /config.php 

// Include this config file on every page, put your db credentials
define('DB_HOST','localhost');
define('DB_USERNAME','dbusername');
define('DB_PASSWORD','dbpassword');
define('DB_NAME','dbname');
define('DS',DIRECTORY_SEPARATOR);
define('FUNCTIONS',__DIR__.DS.'functions');
// Start your session here.
session_start();

<强> /functions/connect.php 

// This is a very simplistic PDO connection, take a look at how to expand this
function connect()
    {
        return new PDO('mysql:host='.DB_HOST.';dbname='.DB_NAME,DB_USERNAME,DB_PASSWORD);
    }

<强> /functions/query.php 

// This is a very basic query function, it will query safely if you do it right
// It will also return rows if you tell it to
function query($con,$sql,$return = false,$bind = false)
    {
        // The bind array is valuable to secure user input (from post or get)
        if(is_array($bind)) {
            foreach($bind as $key => $value) {
                $nkey           =   ":{$key}";
                $nBind[$nkey]   =   $value;
            }
        }
        // This then runs the safe query using the values
        if(!empty($nBind)) {
            $query  =   $con->prepare($sql);
            $query->execute($nBind);
        }
        // If you want to run a straight query, this will run instead
        else {
            $query  =   $con->query($sql);
        }
        // If you want to return data (from a select statement)
        // This will return an array of rows
        if($return) {
            while($result = $query->fetch(PDO::FETCH_ASSOC)) {
                $row[]  =   $result;
            }
            // Sends back any rows or 0 if no rows found
            return (!empty($row))? $row : 0;
        }
    }

<强> /functions/loginUser.php 

// This is a function to check login credentials. It's very flawed in that
// your passwording is very insecure
function loginUser($username,$password,$con)
    {
        $user   =   query($con,"select * from `login` where `password` = :0 AND `username` = :1",true,array($username,$password));

        return $user;
    }

<强> /login.php 

// Include all your required files
require_once(__DIR__.DIRECTORY_SEPARATOR.'config.php');
require_once(FUNCTIONS.DS.'connect.php');
require_once(FUNCTIONS.DS.'query.php');
require_once(FUNCTIONS.DS.'loginUser.php');
// Get your database connection
$con    =   connect();
// Do the login
// I don't know where you get $username or $password from though....
$login  =   loginUser($username,$password,$con);
// Just see what is returned for your reference
print_r($login);
// If the login has returned a valid row
if($login != 0) {
    // Set the location by $id
    // I have no idea where you set $id...
    $location   =   ($id == 4)? "viewdemo.php" : "view.php";
    // Redirect
    header("location: ".$location);
    // It is good practice to exit here.
    exit;
}
else
    $error = "Username or Password is invalid";
相关问题
最新问题