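Page needs to be refreshed manually

Time: 2016-08-19 18:15:41

Tags: javascript php jquery html css

I am using an old PHP version, 5.4. I have wrapped some HTML content in PHP if conditions so that it is not displayed to the Employee user type. The problem is that when I log in as an admin, I see the admin content. After logging out, I log in as an employee and I can still see the admin content on the page, which should not be the case.

The page is put together like this:

Header.php + content.php + footer.php

Header.php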

<?php
session_start();

//print_r($_SESSION); for debugging purpose
if(!isset($_SESSION['uname'])){

 header("Location:index.php");
 exit; // stop here so the protected page is not rendered after the redirect header
}
$baseurl = "http://localhost/yauwana-fyp-hrm/trunk/";
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Rising Logistics</title>
<link href="css/bootstrap.min.css" rel="stylesheet">
<link href="css/styles.css" rel="stylesheet">
<!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and  media queries -->
<!-- WARNING: Respond.js doesn't work if you view the page via file:// -->
<!--[if lt IE 9]>
<script src="https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js">   </script>
<script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"> </script>
<![endif]-->
<link href="css/bootstrap.min.css" rel="stylesheet">
<link href="css/styles.css" rel="stylesheet">

<!-- suggestion text box -->
<script type="text/javascript"
    src="js/jquery.min.js"></script>
    <script type="text/javascript"
    src="js/jquery-ui.min.js"></script>
  <link rel="stylesheet" type="text/css"
      href="css/jquery-ui.css" />

</head>

<body>
<header>
<div class="container padded-top">
    <div class="row">
        <div class="col-md-6">
            <div class="logo">
                <a href="#" title="Rising Logistics">
                    <img src="<?php echo $baseurl; ?>images/logo.jpg" class="img-responsive"/>
                </a>
            </div>
        </div>
        <div class="col-md-6">
            <div class="dropdown pull-right admin-area">
                <button class="btn btn-default dropdown-toggle" type="button" id="login-menu" data-toggle="dropdown" aria-haspopup="true" aria-expanded="true">
                    <span class="glyphicon glyphicon-user" aria-hidden="true"></span>
                    Welcome <strong><?php echo htmlspecialchars($_SESSION['uname'], ENT_QUOTES, 'UTF-8'); ?></strong>
                    <span class="caret"></span>
                </button>
                <ul class="dropdown-menu" aria-labelledby="login-menu">
                    <li><a href="#">About</a></li>
                    <li><a href="includes/logout.php">Log Out</a></li>
                </ul>
            </div>
        </div>
    </div>
</div>
<div class="container">
  <div class="row">
    <div class="col-md-12 col-lg-12 col-xs-12 col-sm-12 col-ms-12">
        <div class="navbar navbar-default top-navbar" role="navigation">
            <div class="navbar-header">
                  <button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
                    <span class="sr-only">Toggle navigation</span>
                    <span class="icon-bar"></span>
                    <span class="icon-bar"></span>
                    <span class="icon-bar"></span>
                  </button>
               </div>
            <div class="collapse navbar-collapse">
                   <ul class="nav navbar-nav">
                  <li class="active"><a href="./" class="dropdown-toggle" data-toggle="dropdown">Recruitement</a>
                    <ul class="dropdown-menu multi-level">
                      <li><a href="template1.php?tab=home">Vacancies</a></li>
                      <li><a href="template1.php?tab=vacancies">Listed Candidates</a></li>
                      <li><a href="template1.php?tab=add_vac">Add Candiate</a></li>
                      </ul>
                    </li>
                  <li><a href="./" class="dropdown-toggle" data-toggle="dropdown">Performance</a>
                    <ul class="dropdown-menu multi-level">
                      <li><a href="template1.php?tab=kpi_list">KPI List</a></li>
                      <li><a href="template1.php?tab=add_kpi">Add KPI</a></li>
                      <li><a href="template1.php?tab=add_reviews">Add Reviews</a></li>
                      <li><a href="template1.php?tab=reviews">Reviews</a></li>
                      </ul>
                    </li>
                  <li><a href="./" class="dropdown-toggle" data-toggle="dropdown">Leave</a>
                    <ul class="dropdown-menu multi-level">
                      <li><a href="template1.php?tab=add_leave">Add Leave</a></li>
                      <li><a href="template1.php?tab=leave_entitlement">Leave Entitlement</a></li>
                      <li><a href="template1.php?tab=leave_summary">Leave Summary </a></li>
                      </ul>
                    </li>
                  <li><a href="./"  class="dropdown-toggle" data-toggle="dropdown">PIM</a>
                     <ul class="dropdown-menu multi-level">
                     <?php if($_SESSION['ut'] != "Employee"){?>
                      <li><a href="template1.php?tab=employee_list">Employee List</a></li>
                      <?php } ?>
                      <li><a href="template1.php?tab=add_employee">Add Employee</a></li>
                      <li><a href="template1.php?tab=reports">Reports</a></li>

                      </ul>
                    </li>
                  <li><a href="./" class="dropdown-toggle" data-toggle="dropdown">Admin</a>
                     <ul class="dropdown-menu multi-level">
                      <li><a href="template1.php?tab=termionation_reason">Termination Reason</a></li>
                      <li><a href="template1.php?tab=job_titles">Job Titles</a></li>
                      <li><a href="template1.php?tab=user_create">Add Users</a></li>
                      <li><a href="template1.php?tab=user_list">User List</a></li>
                     </ul>
                        </li>
                      <li><a href="./">Help</a></li>
                      </ul>
            </div>
            <!--/.nav-collapse -->
        </div>
    </div>
  </div>
</div>
</header>
<div class="clearfix"></div>

Content.php

<!-- delete ajax function begin  -->
<script type="text/javascript">
function showUser(p)
{
   //alert (p);

//if (str=="")
//{
// document.getElementById("txtHint").innerHTML="";
// return;
// }
 if (window.XMLHttpRequest)
 {// code for IE7+, Firefox, Chrome, Opera, Safari
 xmlhttp=new XMLHttpRequest();
 }
 else
 {// code for IE6, IE5
 xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
 }

 xmlhttp.onreadystatechange=function()
 {

 if (xmlhttp.readyState==4 && xmlhttp.status==200)
  {
     //delete table row
  var tr  = document.getElementById(p).parentNode.parentNode;
 tr.parentNode.removeChild(tr);
location.reload();
 }
}

var full = "?s="+p;
xmlhttp.open("GET","menu/KPI list/kpi_delete.php"+full,true);
xmlhttp.send();

}
</script>

<!-- delete ajax function end -->

<div class="body-div container padded-bottom">
 <?php

$database->getConnection();

/*
    Place code to connect to your DB here.
*/
//include('config.php');    // include your code to connect to DB.

$tbl_name="kpi";        //your table name
// How many adjacent pages should be shown on each side?
$adjacents = 1;

/*
   First get total number of rows in data table.
   If you have a WHERE clause in your query, make sure you mirror it here.
*/

$emp_id=$_SESSION['emp_id'];
if($_SESSION['ut'] == "Employee")
{
    $query = "SELECT COUNT(*) as num FROM $tbl_name WHERE emp_id = $emp_id ";

}
else{
        $query = "SELECT COUNT(*) as num FROM $tbl_name";

}

$total_pages = mysql_fetch_array(mysql_query($query));
$total_pages = $total_pages['num'];

/* Setup vars for query. */
$targetpage = "template1.php?tab=kpi_list";     //your file name  (the name of this file)
$limit = 1;
                                 //how many items to show per page

if(isset($_GET['page'])){
$page = max(1, (int)$_GET['page']);            //force an integer >= 1: the value feeds LIMIT and is echoed into links
    $start = ($page - 1) * $limit;             //first item to display on this page
}else{
    $start = 0;
    $page=0;                            //if no page var is given, set start to 0
}
/* Get data. */
$sql = "SELECT * FROM $tbl_name order by kpi_no desc LIMIT $start, $limit ";
$result = mysql_query($sql);

/* Setup page vars for display. */
if ($page == 0) $page = 1;                    //if no page var is given, default to 1.
$prev = $page - 1;                            //previous page is page - 1
$next = $page + 1;                            //next page is page + 1
$lastpage = ceil($total_pages/$limit);        //lastpage is = total pages / items per page, rounded up.
$lpm1 = $lastpage - 1;                        //last page minus 1

/*
    Now we apply our rules and draw the pagination object.
    We're actually saving the code to a variable in case we want to draw it more than once.
*/
$pagination = "";
if($lastpage > 1)
{
    $pagination .= "<div class=\"pagination-new\">";
    //previous button
    if ($page > 1)
        $pagination.= "<a href=\"$targetpage&page=$prev\">« previous</a>";
    else
        $pagination.= "<span class=\"disabled\">« previous</span>";

    //pages
    if ($lastpage < 7 + ($adjacents * 2))    //not enough pages to bother breaking it up
    {
        for ($counter = 1; $counter <= $lastpage; $counter++)
        {
            if ($counter == $page)
                $pagination.= "<span class=\"current\">$counter</span>";
            else
                $pagination.= "<a href=\"$targetpage&page=$counter\">$counter</a>";
        }
    }
    elseif($lastpage > 5 + ($adjacents * 2))    //enough pages to hide some
    {
        //close to beginning; only hide later pages
        if($page < 1 + ($adjacents * 2))
        {
            for ($counter = 1; $counter < 4 + ($adjacents * 2); $counter++)
            {
                if ($counter == $page)
                    $pagination.= "<span class=\"current\">$counter</span>";
                else
                    $pagination.= "<a href=\"$targetpage&page=$counter\">$counter</a>";
            }
            $pagination.= "...";
            $pagination.= "<a href=\"$targetpage&page=$lpm1\">$lpm1</a>";         //$targetpage already contains "?", so append with "&"
            $pagination.= "<a href=\"$targetpage&page=$lastpage\">$lastpage</a>";
        }
        //in middle; hide some front and some back
        elseif($lastpage - ($adjacents * 2) > $page && $page > ($adjacents * 2))
        {
            $pagination.= "<a href=\"$targetpage&page=1\">1</a>";
            $pagination.= "<a href=\"$targetpage&page=2\">2</a>";
            $pagination.= "...";
            for ($counter = $page - $adjacents; $counter <= $page + $adjacents; $counter++)
            {
                if ($counter == $page)
                    $pagination.= "<span class=\"current\">$counter</span>";
                else
                    $pagination.= "<a href=\"$targetpage&page=$counter\">$counter</a>";
            }
            $pagination.= "...";
            $pagination.= "<a href=\"$targetpage&page=$lpm1\">$lpm1</a>";
            $pagination.= "<a href=\"$targetpage&page=$lastpage\">$lastpage</a>";
        }
        //close to end; only hide early pages
        else
        {
            $pagination.= "<a href=\"$targetpage&page=1\">1</a>";
            $pagination.= "<a href=\"$targetpage&page=2\">2</a>";
            $pagination.= "...";
            for ($counter = $lastpage - (2 + ($adjacents * 2)); $counter <= $lastpage; $counter++)
            {
                if ($counter == $page)
                    $pagination.= "<span class=\"current\">$counter</span>";
                else
                    $pagination.= "<a href=\"$targetpage&page=$counter\">$counter</a>";
            }
        }
    }

    //next button
    if ($page < $counter - 1)
        $pagination.= "<a href=\"$targetpage&page=$next\">next »</a>";
    else
        $pagination.= "<span class=\"disabled\">next »</span>";
    $pagination.= "</div>\n";
  }
 ?>
<!--  end of the pagination          -->

   <div class="row">
        <div class="col-xs-12 col-ms-12 col-sm-12 col-md-12 col-lg-12">
        <h1>KPI List</h1>
            <form action="menu/KPI list/kpi_search.php" method="post" name="testform">
            <div class="well well-sm">
                <div class="pull-left">
                    <select name="com" class="form-control">
                        <option value="f_name">First Name</option>
                        <option value="l_name">Last Name</option>
                        <option value="date">Date</option>
                    </select>
                    <div class="gap clearfix"></div>
                    <!-- <div id="testform_com_errorloc" class="alert alert-danger">Error message</div>  -->
                </div>
                 <div class="pull-left">
                    <input id="firstname" type="text" name="firstname" value="" class="required comment form-control" data-validation="required" data-validation-error-msg-required="This field is required"/>
                    <div class="gap clearfix"></div>
                   <!--  <div id="testform_firstname_errorloc" class="alert alert-danger">Error message</div>  -->
                </div>
                <div class="pull-left"><input name="submit" type="submit" value="Search" class="btn btn-default"/></div>
              </div>

           </form>
            <div class="gap"></div>

 <table class="table table-striped">
            <tr>
                <th>Employee First Name</th>
                <th>Employee Last Name</th>
                <th>Job Title</th>
                <th>Date</th>
                <th>KPI given by</th>
 <?php if($_SESSION['ut'] != "Employee"){ ?>
                <th>Edit</th>
                <th>Delete</th>
                <th>Give Marks</th>
                <?php } ?>
                <th>View</th>
            </tr>
                <?php

    while($row = mysql_fetch_array($result))

    {
               $p = $row["kpi_no"];
                 $value = "1";
                ?>
            <tr> <!-- opened inside the loop so that every result row gets its own <tr> -->
                <td><?php echo $row['e_f_name']; ?></td>
                <td><?php echo $row['e_l_name']; ?></td>
                <td><?php echo $row['vac_name']; ?></td>
                <td><?php echo $row['date']; ?></td>
                <td><?php echo $row['kpi_given']; ?></td>
                **<?php if($_SESSION['ut'] != "Employee"){ ?>**
                <td class="text-center">
                    <a href="menu/KPI list/kpi_edit_details.php?x=<?php echo $p; ?>&v=<?php echo $page; ?>&val=<?php echo $value; ?>">
                        <!--<img width="15" height="15" src="http://localhost/project_2012/images/edit-icon.png"/>-->
                        <span class="glyphicon glyphicon-edit"></span>
                    </a>
                </td>
                <td class="text-center">
                    <div id="<?php  echo $p; ?>" style="width:50px; "><a href="javascript:showUser(<?php echo $p; ?>)" onclick="return confirm('Are you sure you want to delete?')">
                        <span class="glyphicon glyphicon-trash"></span>
                    </a></div>
                </td>
                <td class="text-center">
                     <a href="menu/KPI list/give_marks.php?x=<?php echo $p; ?>&v=<?php echo $page;?>">
                        <span class="glyphicon glyphicon glyphicon-certificate"></span>
                    </a>
                </td>
                **<?php }?>**
                 <td class="text-center">
                   <a href="view_vac.php?x=<?php echo $p; ?>" target="_blank">
                        <span class="glyphicon glyphicon-zoom-in"></span>
                    </a>
                </td>
            </tr>
             <?php    } // End of while loop
    ?>
        </table>
        <!--end of table -->
         <br/><br/>
        <?php  echo $pagination; ?>

   </div>
</div>
</div>

</body>
</html>

Footer.php

<footer>
   <center>
    Rising Logistics<br/>
    &copy; <?php echo date("Y"); ?> Rising Logistics, Inc. All rights reserved.
    </center>
</footer>
<!-- <script src="js/jquery.min.js"></script> -->
<script src="js/bootstrap.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery-form-validator/2.2.8/jquery.form-validator.min.js"></script>

<script src="js/common.js"></script>

Logout.php:

 <?php
       session_start();
        session_destroy();
        header("Location:../index.php");
 ?>

Login_validaton.php

        <?php
include('database.php');
include('loghis.php');
$con = $database->getConnection();

$time =   mktime(date('H')+5,date('i')+30,date('s'),date('m'),date('d'),date('Y'));

$hourr = date('H',$time);//current time hour
$minn =date('i',$time);//current time min
$secc = date('s',$time);//current time seconds
$year = date('Y',$time);//current year
$month = date('m',$time);//current month
$date = date('d',$time);//current day
$b=$year."-".$month."-".$date;
$intime = $hourr.":".$minn.":".$secc;
$username = mysql_real_escape_string($_POST['username']); // escape for the SQL string below; addslashes() is not charset-aware
$password = md5(addslashes($_POST['password']));
$msg = "username or password incorrect";
$result = mysql_query("SELECT * FROM users WHERE user_name='$username' and password ='$password'");

//echo $username;
 $row=mysql_num_rows($result);
//echo "1";
 if($row==1){//begin of $row count

 session_start();

 $_SESSION['uname']=$username;
 $res = mysql_fetch_array($result);
 $_SESSION['ut']=$res['emp_division'];
 $use = $res['user_name'];
 $pass = $res['password'];
 $_SESSION['emp_id'] = $res['emp_id'];
 $_SESSION['emp_division'] = $res['emp_division'];
  $logh = new loginHis;
 $logh->his($username,$b,$intime);

 header("Location:../../trunk/template1.php");

 }//end of $row count
 else {
header("Location:../../trunk/index.php?err=".urlencode($msg)); // the message contains spaces, so encode it for the URL
}

?>

I have bolded the PHP lines in the content.php file. I hope this is clear, and please help me solve the problem.

2 answers:

Answer 0 (score: 1)

You can try changing the header statement in 'Logout.php' to

header("Location:../index.php?logedout");

to avoid the cached page.
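
An added example, not part of the original question or of this answer: instead of relying on a changed query string, the protected pages can send no-store cache headers, and the logout can clear the session array and the session cookie before destroying the session. The file name `includes/session_guard.php` and the three function names are assumptions; the session keys and redirect targets are the ones used in the question.

```php
<?php
// Added example (hypothetical includes/session_guard.php); not the asker's code.

function send_no_cache_headers()
{
    // Tell browsers and proxies not to store role-specific pages.
    header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
    header('Pragma: no-cache');
    header('Expires: 0');
}

function require_login($loginUrl)
{
    if (session_id() === '') {
        session_start();
    }
    send_no_cache_headers();
    if (!isset($_SESSION['uname'])) {
        header('Location: ' . $loginUrl);
        exit; // nothing below is rendered for an unauthenticated request
    }
}

function logout_and_redirect($loginUrl)
{
    if (session_id() === '') {
        session_start();
    }
    $_SESSION = array(); // drop uname, ut, emp_id and emp_division
    if (ini_get('session.use_cookies')) {
        $p = session_get_cookie_params();
        // Expire the session cookie in the browser as well.
        setcookie(session_name(), '', time() - 42000,
            $p['path'], $p['domain'], $p['secure'], $p['httponly']);
    }
    session_destroy(); // remove the server-side session data
    send_no_cache_headers();
    header('Location: ' . $loginUrl);
    exit;
}

// header.php:  require_login('index.php');
// Logout.php:  logout_and_redirect('../index.php');
// After a successful login, call session_regenerate_id(true)
// before writing the new user's values into $_SESSION.
```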

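Answer 1 (score: 0)

The best solution for this case is to define a "user_type" column in your database and return its value into your session object; by user type you can then separate admin users and normal users with different content.

Right now you have no separation, which is why normal users can see the admin content.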
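
An added example, not part of the original question or answers, of separating content by user type on the server: one map decides both which menu links are rendered and whether a requested tab may be served, so a hidden link cannot simply be typed into the address bar. The tab names come from the menu in the question; the role name "Admin", the function names and the way template1.php reads the `tab` parameter are assumptions.

```php
<?php
// Added example, not the asker's code. "Admin" is an assumed role value;
// "Employee" is the value the question compares $_SESSION['ut'] against.
$TAB_ROLES = array(
    'home'                => array('Employee', 'Admin'),
    'kpi_list'            => array('Employee', 'Admin'),
    'add_leave'           => array('Employee', 'Admin'),
    'employee_list'       => array('Admin'),
    'termionation_reason' => array('Admin'), // spelling as used in the question's menu
    'job_titles'          => array('Admin'),
    'user_create'         => array('Admin'),
    'user_list'           => array('Admin'),
);

function can_access_tab($role, $tab, array $tabRoles)
{
    // Unknown tabs and unknown roles are denied by default.
    return isset($tabRoles[$tab]) && in_array($role, $tabRoles[$tab], true);
}

function require_tab_access($tab, array $tabRoles)
{
    $role = isset($_SESSION['ut']) ? $_SESSION['ut'] : null;
    if (!can_access_tab($role, $tab, $tabRoles)) {
        header('HTTP/1.1 403 Forbidden');
        exit('Access denied');
    }
}

function menu_link($tab, $label, array $tabRoles)
{
    $role = isset($_SESSION['ut']) ? $_SESSION['ut'] : null;
    if (!can_access_tab($role, $tab, $tabRoles)) {
        return ''; // link is not rendered for this role
    }
    return '<li><a href="template1.php?tab=' . rawurlencode($tab) . '">'
         . htmlspecialchars($label, ENT_QUOTES, 'UTF-8') . '</a></li>';
}

// template1.php (assumed dispatch), after session_start():
//   $tab = isset($_GET['tab']) ? $_GET['tab'] : 'home';
//   require_tab_access($tab, $TAB_ROLES);
// header.php:
//   echo menu_link('user_list', 'User List', $TAB_ROLES);
```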