我正在忙着登录脚本,但我现在卡住了PHP代码“if”行。
我想给排名检查一个自己的消息,即用户不被允许,因为他没有正确的管理员登录等级。此时它会显示错误用户名或密码的消息。
我的代码:
<?php
session_start();
include_once 'dbconnect.php';
if(isset($_SESSION['userSession']))
{
header("Location: home.php");
exit;
}
if(isset($_POST['btn-login']))
{
$email = $MySQLi_CON->real_escape_string(trim($_POST['user_email']));
$upass = $MySQLi_CON->real_escape_string(trim($_POST['password']));
$query = $MySQLi_CON->query("SELECT user_id, user_email, user_pass, user_rank FROM users WHERE user_email='$email'");
$row=$query->fetch_array();
if(password_verify($upass, $row['user_pass']) && ($row['user_rank'] == '2'))
{
$_SESSION['userSession'] = $row['user_id'];
header("Location: home.php");
}
else
{
$msg = "<div class='alert alert-danger'>
<span class='glyphicon glyphicon-info-sign'></span> email or password does not exists!
</div>";
}
$MySQLi_CON->close();
}
?>
我还是有点新的PHP。
答案 0 :(得分:1)
只需添加else if阶段即可。你可以拥有你想要的那么多,只是不要过分。
if(password_verify(...)) {
...
} else if ($rank != 2) {
... wrong rank
} else if (...) {
...
} else {
...
}
答案 1 :(得分:0)
只需在密码中添加if-Statement,请检查if-Statement,以便仅在密码匹配时检查排名。
if(isset($_SESSION['userSession']))
{
header("Location: home.php");
exit;
}
if(isset($_POST['btn-login']))
{
$email = $MySQLi_CON->real_escape_string(trim($_POST['user_email']));
$upass = $MySQLi_CON->real_escape_string(trim($_POST['password']));
$query = $MySQLi_CON->query("SELECT user_id, user_email, user_pass, user_rank FROM users WHERE user_email='$email'");
$row = $query->fetch_array();
if(password_verify($upass, $row['user_pass']))
{
if($row['user_rank'] == '2'){
$_SESSION['userSession'] = $row['user_id'];
header("Location: home.php");
} else {
echo "You need a higher rank";
}
}
else
{
$msg = "<div class='alert alert-danger'>
<span class='glyphicon glyphicon-info-sign'></span> email or password does not exists!
</div>";
}
$MySQLi_CON->close();
}
?>