所以我正在为舞蹈训练师制作平台,为我们的舞蹈比赛注册...... 培训师创建一个帐户, 使用该帐户登录 - >如果邮件和密码是正确的,一些会话变量将被启动,这些变量内部是用户ID,邮件等,用户“角色”(admin或user / 1或2) 在这些变量发起后,用户将被转发到实际的用户区域网站。 那一方现在将检查会话变量是否已设置以及用户角色是否足够高以访问该页面,如果没有将用户转发到管理或登录页面(admin如果role = 2则登录,如果role!= 1或2 ) 但是变量不会在第一次登录尝试时保存,您必须登录两次....
这是我的代码
登录页面:
session_start();
include('connect.php'); //mysql connection function
if (isset($_POST["login"])) // check if login attemp exists
{
//get mail from form
$mail = mysqli_real_escape_string($verbindung, $_POST["mail"]);
//get password from form
$pw = mysqli_real_escape_string($verbindung, $_POST["pw"]);
//check if user exists in db
$sql = "SELECT * FROM user_db WHERE mail = '$mail'";
$query = mysqli_query($verbindung, $sql);
while ($user = mysqli_fetch_object($query))
{
if (password_verify($pw, $user->password))
{
// set session variables
$_SESSION["login"] = $user->acc_type; //role
$_SESSION["id"] = $user->id; //id
$_SESSION["vorname"] = $user->vorname;
$_SESSION["mail"] = $user->mail;
$_SESSION["nachname"] = $user->nachname;
}
}
}
// check if login attempt succeded and get the user role
if ($_SESSION["login"] == 1)
{
// if role is user goto user page
echo '<meta http-equiv="refresh" content="100; URL=user" />';
}else if ($_SESSION["login"] == 2)
{
if role is admin goto admin page
echo '<meta http-equiv="refresh" content="100; URL=admin" />';
}
用户/管理员页面(两者都有相同的代码/错误):
session_start();
if ($_SESSION["login"] == '2')
{
//goto admin if user is admin
echo '<meta http-equiv="refresh" content="0; URL=../admin">';
}else if ($_SESSION["login"] != '1')
{
//goto login if user is neither role 1 or 2
//this one triggers allways if it is your first attempt to login
//it behaves like the session didnt start on the login page but i dont know why
echo '<meta http-equiv="refresh" content="0; URL=../">';
}