This is my class:

public function is_admin() {
    try {
        $admin = $this->db->prepare("SELECT * FROM users WHERE user_name = 'admin' AND user_pass='123456'");
        $admin->execute();
        if ($admin->rowCount() > 0) {
            return header("Location: admin.php");
        } else {
            return false;
        }
    } catch (PDOException $e) {
        echo $e->getMessage();
    }
}

public function login($uname, $umail, $upass) {
    try {
        $stmt = $this->db->prepare("SELECT * FROM users WHERE user_name=:uname AND user_email=:umail LIMIT 1");
        $stmt->execute(array(':uname' => $uname, ':umail' => $umail));
        $userRow = $stmt->fetch(PDO::FETCH_ASSOC);
        if ($stmt->rowCount() > 0) {
            if (password_verify($upass, $userRow['user_pass'])) {
                $_SESSION['user_session'] = $userRow['user_id'];
                return header("Location: home.php");
            } else {
                return false;
            }
        }
    } catch (PDOException $e) {
        echo $e->getMessage();
    }
}

In login.php:

require 'app' . DIRECTORY_SEPARATOR . 'connection.php';
$test = new USER($DB_con);
if (isset($_POST['submit'])) {
    $uname = $test->validate($_POST['uname']);
    $umail = $test->validate($_POST['email']);
    $upass = $test->validate($_POST['password']);
    $test->login($uname, $umail, $upass);
}

I don't know how to connect the admin function; it always redirects to home.php. I can't redirect to different pages: users must be redirected to the home page, and admins must be redirected to the admin page.

Answer 0 (score: 1)

In is_admin, change:

if ($admin->rowCount() > 0) {
    return "admin.php";
} else {
    return null;
}

In login:

if (password_verify($upass, $userRow['user_pass'])) {
    $_SESSION['user_session'] = $userRow['user_id'];
    return "home.php";
} else {
    return null;
}

In login.php:

$page = $test->login($uname, $umail, $upass);
if (isset($page)) {
    header("Location: $page");
}

Answer 1 (score: 1)

You can do a single check in the login method and redirect accordingly...

<?php
class USER {
    protected $userIsAdmin = false;

    /* NO NEED FOR THIS FUNCTION.
     * SINCE ADMIN IS ALSO A USER, YOU CAN LOGIN THE USER
     * USING THE LOGIN METHOD AND THEN CHECK IF THE SUPPLIED CREDENTIALS
     * MATCH THOSE OF THE ADMIN... NO NEED FOR SEPARATE SQL QUERY
     */
    /*
    public function is_admin() {
        try {
            $admin = $this->db->prepare("SELECT * FROM users WHERE user_name = 'admin' AND user_pass='123456'");
            $admin->execute();
            if ($admin->rowCount() > 0) {
                return header("Location: admin.php");
            } else {
                return false;
            }
        } catch (PDOException $e) {
            echo $e->getMessage();
        }
    }
    */

    public function user_is_admin() {
        return $this->userIsAdmin;
    }

    public function login($uname, $umail, $upass) {
        try {
            $stmt = $this->db->prepare("SELECT * FROM users WHERE user_name=:uname AND user_email=:umail LIMIT 1");
            $stmt->execute(array(':uname' => $uname, ':umail' => $umail));
            $userRow = $stmt->fetch(PDO::FETCH_ASSOC);
            if ($stmt->rowCount() > 0) {
                if (password_verify($upass, $userRow['user_pass'])) {
                    $_SESSION['user_session'] = $userRow['user_id'];
                    // HERE YOU CHECK IF THE LOGGED-IN USER IS ADMIN
                    // IF ADMIN, REDIRECT TO ADMIN PAGE
                    // ELSE REDIRECT TO HOME PAGE
                    if ($uname == "admin") { //<== YOU MAY ADD OTHER CONDITIONS HERE AS WELL...
                        // SET $this->userIsAdmin TO TRUE & REDIRECT
                        $this->userIsAdmin = true;
                        header("Location: admin.php");
                        exit;
                    }
                    header("Location: home.php");
                    exit;
                } else {
                    return false;
                }
            }
        } catch (PDOException $e) {
            echo $e->getMessage();
        }
    }
}

require 'app' . DIRECTORY_SEPARATOR . 'connection.php';
$test = new USER($DB_con);
if (isset($_POST['submit'])) {
    $uname = $test->validate($_POST['uname']);
    $umail = $test->validate($_POST['email']);
    $upass = $test->validate($_POST['password']);
    $test->login($uname, $umail, $upass);
}
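
An added example, not part of the question or of either answer: one way to choose the redirect from a role stored in the user's row and to re-check that role at the top of admin.php, since the redirect by itself does not protect the admin page. The `user_role` column, the function names `login_target` and `is_admin_session`, and the sample rows are assumptions made for this example.

```php
<?php
// Added example (not from the original posts). Assumes a hypothetical
// `user_role` column on the page's `users` table; sample rows are constructed.

// Returns the redirect target for valid credentials, or null on failure.
function login_target(PDO $db, string $uname, string $umail, string $upass): ?string {
    $stmt = $db->prepare(
        "SELECT user_id, user_pass, user_role FROM users
         WHERE user_name = :uname AND user_email = :umail LIMIT 1");
    $stmt->execute([':uname' => $uname, ':umail' => $umail]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false || !password_verify($upass, $row['user_pass'])) {
        return null;                     // same result for unknown user and bad password
    }
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);     // fresh session id after login
    }
    $_SESSION['user_session'] = $row['user_id'];
    $_SESSION['user_role']    = $row['user_role'];  // role comes from the DB row, not from input
    return $row['user_role'] === 'admin' ? 'admin.php' : 'home.php';
}

// Check for the top of admin.php (hypothetical helper): send anyone else away.
function is_admin_session(array $session): bool {
    return isset($session['user_session']) && ($session['user_role'] ?? '') === 'admin';
}

// Constructed demo data in an in-memory SQLite database (needs pdo_sqlite).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE users (user_id INTEGER PRIMARY KEY, user_name TEXT,
           user_email TEXT, user_pass TEXT, user_role TEXT)");
$ins = $db->prepare("INSERT INTO users (user_name, user_email, user_pass, user_role)
                     VALUES (?, ?, ?, ?)");
$ins->execute(['alice', 'alice@example.test', password_hash('alice-pw', PASSWORD_DEFAULT), 'admin']);
$ins->execute(['admin', 'bob@example.test', password_hash('bob-pw', PASSWORD_DEFAULT), 'user']);

// Three constructed logins: an admin, a plain user who is named "admin", a bad password.
foreach ([['alice', 'alice@example.test', 'alice-pw'],
          ['admin', 'bob@example.test', 'bob-pw'],
          ['alice', 'alice@example.test', 'wrong']] as [$u, $m, $p]) {
    $_SESSION = [];
    $target = login_target($db, $u, $m, $p);
    printf("%-6s -> %-10s admin page allowed: %s\n", $u, $target ?? '(rejected)',
           is_admin_session($_SESSION) ? 'yes' : 'no');
}
```

In login.php the returned target would go into `header("Location: ...")` followed by `exit`, and admin.php would start the session and call `is_admin_session($_SESSION)` before producing any output.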