第一个是panel.php文件,第二个是会话文件,第三个是login.php文件文件。我想只有当登录用户是管理员然后只显示管理员链接而其他人显示其他链接时才显示panel.php文件。我不知道我试过这个代码发生了什么,但它显示了所有用户的所有链接。请找到错误
panel.php文件
<?php
include('session.php');
?>
<!DOCTYPE html>
<html>
<head>
<title></title>
</head>
<body>
<?php
if($_SESSION['role']=='Administrator')
{
?>
<li><a href="#">Add Publisher</a></li>
<?php
}else{
?>
<li><a href="#">Mailbox</a></li>
<?php
}
?>
</body>
</html>
session.php文件
<?php
$connection = mysql_connect("localhost", "root", "");
$db = mysql_select_db("simple_db", $connection);
session_start();// Starting Session
// Storing Session
$user_check=$_SESSION['login_user'];
$role_check=$_SESSION['role'];
// SQL Query To Fetch Complete Information Of User
$ses_sql=mysql_query("SELECT * FROM simple_db WHERE email_n='$user_check' ", $connection);
$row = mysql_fetch_assoc($ses_sql);
$login_session =$row['email_n'];
if(!isset($login_session)){
mysql_close($connection); // Closing Connection
header('Location: login.php'); // Redirecting To Home Page
}
?>
login.php文件
<?php
session_start(); // Starting Session
$error=''; // Variable To Store Error Message
if (isset($_POST['submit'])) {
if (empty($_POST['email_n']) || empty($_POST['email_p'])) {
$error = "Email or Password is invalid";
}
else
{
// Define $username and $password
$email_n = $_POST['email_n'];
$email_p = $_POST['email_p'];
// Establishing Connection with Server by passing server_name, user_id and password as a parameter
$connection = mysql_connect("localhost", "root", "");
// To protect MySQL injection for Security purpose
$email_n = stripslashes($email_n);
$email_p = stripslashes($email_p);
$email_n = mysql_real_escape_string($mail_n);
$email_p = mysql_real_escape_string($email_p);
// Selecting Database
$db = mysql_select_db("simple_db", $connection);
// SQL query to fetch information of registerd users and finds user match.
$query = mysql_query("SELECT * FROM simple_db WHERE email_n='$email_n' AND email_p = '$email_p' ", $connection);
$rows = mysql_num_rows($query);
if ($rows == 1) {
$_SESSION['login_user']=$email_n;
$_SESSION['role']=$row->Role;
// Initializing Session
header("location: panel.php"); // Redirecting To Other Page
} else {
$error = "Email or Password is invalid";
}
mysql_close($connection); // Closing Connection
}
}
?>