Php重定向不起作用

时间:2016-10-24 15:25:13

标签: php redirect

那是我的班级:

 public function is_admin() {

    try {
     $admin = $this->db->prepare("SELECT * FROM users WHERE user_name = 'admin' AND user_pass='123456'");
     $admin->execute();
        if ($admin->rowCount() > 0) {
            return header("Location: admin.php");


        }else {
            return false;
        }
    } catch (PDOException $e) {
        echo $e->getMessage();
    }
}

public function login($uname, $umail, $upass) {
    try {
        $stmt = $this->db->prepare("SELECT * FROM users WHERE user_name=:uname AND user_email=:umail LIMIT 1");
        $stmt->execute(array(':uname' => $uname, ':umail' => $umail));
        $userRow = $stmt->fetch(PDO::FETCH_ASSOC);
        if ($stmt->rowCount() > 0) {
            if (password_verify($upass, $userRow['user_pass'])) {
                $_SESSION['user_session'] = $userRow['user_id'];
                return  header("Location: home.php");
            } else {
                return false;
            }
        }
    } catch (PDOException $e) {
        echo $e->getMessage();
    }
}`

的login.php

  require 'app' . DIRECTORY_SEPARATOR . 'connection.php';
  $test = new USER($DB_con);

  if (isset($_POST['submit'])) {  
       $uname = $test->validate($_POST['uname']);
       $umail = $test->validate($_POST['email']);
       $upass = $test->validate($_POST['password']);
       $test->login($uname, $umail, $upass);

  }

我不知道如何连接管理功能总是重定向到home.php 我不会重定向到不同的页面 userse必须重定向到主页 管理员必须重定向到管理页面

2 个答案:

答案 0 :(得分:1)

is_admin更改

if ($admin->rowCount() > 0) {
    return "admin.php";
} else {
    return null;
}
login

中的

if (password_verify($upass, $userRow['user_pass'])) {
    $_SESSION['user_session'] = $userRow['user_id'];
    return "home.php";
} else {
    return null;
}
login.php

中的

$page = $test->login($uname, $umail, $upass);

if(isset($page)) {
    header("Location: $page");
}

答案 1 :(得分:1)

您可以在登录方法中进行一次检查并相应地重定向...

<?php

    class USER{

        protected $userIsAdmin  = false; 

        /* NO NEED FOR THIS FUNCTION.
         * SINCE ADMIN IS ALSO A USER, YOU CAN LOGIN THE USER
         * USING THE LOGIN METHOD AND THEN CHECK IF THE SUPPLIED CREDENTIALS
         * MATCH THOSE OF THE ADMIN... NO  NEED FOR SEPARATE SQL QUERY
         */

        /*
        public function is_admin() {
            try {
                $admin = $this->db->prepare("SELECT * FROM users WHERE user_name = 'admin' AND user_pass='123456'");
                $admin->execute();
                if ($admin->rowCount() > 0) {
                    return header("Location: admin.php");


                }else {
                    return false;
                }
            } catch (PDOException $e) {
                echo $e->getMessage();
            }
        }
        */


        public function user_is_admin() {
            return $this->userIsAdmin;
        }

        public function login($uname, $umail, $upass) {
            try {
                $stmt = $this->db->prepare("SELECT * FROM users WHERE user_name=:uname AND user_email=:umail LIMIT 1");
                $stmt->execute(array(':uname' => $uname, ':umail' => $umail));
                $userRow = $stmt->fetch(PDO::FETCH_ASSOC);
                if ($stmt->rowCount() > 0) {
                    if (password_verify($upass, $userRow['user_pass'])) {
                        $_SESSION['user_session'] = $userRow['user_id'];
                        // HERE YOU CHECK IF THE LOGGED-IN USER IS ADMIN
                        // IF ADMIN, REDIRECT TO ADMIN PAGE
                        // ELSE REDIRECT TO HOME PAGE
                        if($uname == "admin"){  //<== YOU MAY ADD OTHER CONDITIONS HERE AS WELL...
                            // SET $this->userIsAdmin TO TRUE & REDIRECT
                            $this->userIsAdmin = true;
                            header("Location: admin.php");
                            exit;
                        }
                        header("Location: home.php");
                        exit;
                    } else {
                        return false;
                    }
                }
            } catch (PDOException $e) {
                echo $e->getMessage();
            }
        }
    }

    require 'app' . DIRECTORY_SEPARATOR . 'connection.php';
    $test = new USER($DB_con);

    if (isset($_POST['submit'])) {
        $uname = $test->validate($_POST['uname']);
        $umail = $test->validate($_POST['email']);
        $upass = $test->validate($_POST['password']);
        $test->login($uname, $umail, $upass);       
    }