$ _Session ['用户']无法识别PHP

时间:2016-09-08 07:14:34

标签: php session

我希望显示不同的消息,具体取决于登录的用户是否为admin。我的session.php中有两个 $ _ SESSION 变量,可以根据用户名/密码组合将我带到会员页面或管理页面。这工作正常,但是当我尝试为每个会话显示不同的消息时,只显示第一条消息,并且我已经尝试了大量此代码的变体并在线搜索但我无法找到答案。救命啊!

<?php

include 'session.php';
include 'Header.php';

?>
<div id="main">
<?php

if(isset($_SESSION['login_admin'])){

 echo "HELLO admin";


}
elseif(isset($_SESSION['login_user'])) {
     echo "Hello";
 }



?>
</div>

所以我的网页正在识别&#39; login_admin&#39;但是当我登录为“登录_用户”时它显示管理员消息,而不是用户消息。

编辑:session_start()在我的所有页面中。

登录代码:

<body>
<?php
include 'Header.php';
?>
<div id="main">
<div id="login">
<center>
<h2>Login</h2><br />
<form action = "session.php" method = "post" name="log">
              <label>UserName  :</label><input type = "text" name =   "username" class = "box"/><br /><br />
              <label>Password  :</label><input type = "password" name = "password" class = "box" /><br/><br />
              <input type = "submit" value = " Submit "/><br />
           </form>
</center>
</div>
<br />
</div>
<?php
include 'footer.php';
?>
</body>

session.php文件

<?php
session_start();
$con = mysqli_connect("localhost","root","", "movies");




  if($_SERVER["REQUEST_METHOD"] == "POST") {
  // username and password sent from form 

  $myusername = mysqli_real_escape_string($con,$_POST['username']);
  $mypassword = mysqli_real_escape_string($con,$_POST['password']); 

  $sql = "SELECT ID FROM login WHERE username = '$myusername' and password =  '$mypassword'";
  $result = mysqli_query($con,$sql);
  $row = mysqli_fetch_array($result,MYSQLI_ASSOC);


  $count = mysqli_num_rows($result);


  // If result matched $myusername and $mypassword, table row must be 1 row

  if($count == 1) {

     $_SESSION['login_user'] = $myusername;
     $_SESSION['login_admin'] = $myusername;


     header("location: MembersPage.php");

  }

 if($_SESSION['login_admin'] == 'admin'){


     $_SESSION['login_admin'] = $myusername;

      header("location: admin.php");

 }


  else {
     echo  "Your Login Name or Password is invalid";
  }




  }

 ?>

Logout.php 

<?php
session_start();

if(session_destroy()) {
  header("Location: Login.php");
}
?>

2 个答案:

答案 0 :(得分:1)

您忘记使用session_start();。在页面顶部添加。

我建议您检查每个页面或大多数页面中的session,然后在session_start上添加header.php(如果您创建的话)。这将使您免于此类问题

这是问题

if($count == 1) {

     $_SESSION['login_user'] = $myusername;
     $_SESSION['login_admin'] = $myusername;   

     header("location: MembersPage.php");

  }

每次用户登录或管理员设置login_adminlogin_user时,$_SESSION['login_admin']始终有值显示您随时欢迎管理员

table名称user_role中创建一个字段,并为adminuser设置值

1 for admin
2 for user

在登录时检查此字段值,如果为1,则仅设置login_admin,如果为2,则仅设置login_user 

 $sql = "SELECT ID,user_role FROM login WHERE username = '$myusername' and password =  '$mypassword'";
      $result = mysqli_query($con,$sql);
      $row = mysqli_fetch_array($result,MYSQLI_ASSOC);   

      $count = mysqli_num_rows($result);


      // If result matched $myusername and $mypassword, table row must be 1 row

if($count == 1) {
    if($row['user_role'] == 1){
      $_SESSION['login_admin'] = 'admin'; 
      header("location: admin.php");       
      }
      else{
      $_SESSION['login_user'] = 'user';
      header("location: MembersPage.php");
      }
 }

答案 1 :(得分:0)

如果您想要开始新会话或者您想要恢复现有会话,则忘记拨打session_start();方法。

相关问题
最新问题