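I am trying to create permissions for the users who visit the website.
This is the database table the permissions are based on
Permissions
User_privledge_no is the access level they can hold
Salesperson: 1 Administrator: 2 Stock controller: 3
I created a file to check whether they are logged in, called check_login.php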
<?php
// MySQL Database Connect
require_once("connection.php");
session_start();
if(!$_SESSION['logged']){
header("Location: employee_login.html");
exit;
}
?>
Then I have a site_access.php to set the user's permission level
<?php
require_once("connection.php");
// the following will check to see if the access level is not 2 OR 3 and redirect them – this will allow users with permissions levels 2 and 3 to access the page
if($_SESSION['permissions'] <> 2 || $_SESSION['permissions'] <> 3) {
header("Location: employee_login.html");
exit;
}
?>
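I think it has something to do with my site_access.php file, but I'm not sure where I went wrong.
You start from the employee_login.html page, which is just an HTML form. Then, once you log in, you end up at modify_dept1.php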
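<?php
// Run the login and access checks before any output, so session_start() and header() redirects can still send headers
require_once("code/connection.php");
require_once("code/check_login.php");
require_once("code/site_access.php");
?>
<!doctype HTML>
<html lang="en">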
<head>
<meta charset="utf-8">
<meta name="Used Car Sales" content="West Coast Auto"/>
<title>West Coast Auto</title>
<link href="css/main.css" type="text/css" rel="stylesheet"> <!-- this links the html to the css file-->
</head>
<body>
<header>
<!--------------------------------------------- UPPER NAV ---------------------->
<nav id="upper_nav">
<ul>
<li><a href="index.html">Home</a></li>
<li><a href="employee_login.html">Employee Login</a></li>
<li><a href="privacy.html">Privacy Policy</a></li>
<li><a href="display_vehicle.php">Display Vehicle</a></li>
<li><a href="add_cust.html">Add Cust</a></li>
<li><a href="logout.php">LOGOUT</a></li>
</ul>
</nav>
<!---------------------------------------------- LOGO AND ADDRESS------------------------>
<div id="logo">
<a href="index.html"><img src="images/west_coast_auto_logo.png" alt="West Coast Auto" title="West Coast Auto"></a>
</div>
<div id="logos">
</div>
<div id="address">
<h4>West Coast Auto</h4>
<h4>375 Albany Hwy.</h4>
<h4>Victoria Park</h4>
<h4>Perth WA 6100</h4>
<h4>☎ (08) 9415 1234</h4>
<h4>Email: <a href="mailto:Jarvis_Palmer@westcoastauto.com.au ">Jarvis Palmer</a></h4>
</div>
<!----------------------------------------------- LOWER NAV --------------------------------->
<nav id="lower_nav">
<ul>
<li><a href="code/index.html">Home</a></li>
<li><a href="code/about.html">About</a>
<ul>
<li><a href="code/history.html">History</a></li>
<li><a href="code/our_values.html">Our Values</a></li>
</ul>
</li>
<li><a href="code/used_vehicles.html">Used Vehicles</a></li>
<li><a href="code/specials.html">Specials</a></li>
<li><a href="code/finance.html">Finance</a>
<ul>
<li><a href="code/insurance.html">Insurance</a></li>
</ul>
</li>
<li><a href="code/testimonials.html">Testimonials</a></li>
<li><a href="code/contact.html">Contact</a></li>
</ul>
</nav>
<div id="navline">
</div>
</header>
<!------------------------------------------ MAIN CONTENT -------------------------------->
<div class="main_img">
<?php
switch ($_SESSION['permissions']) {
case 1:
echo "<h3>Welcome Salesperson</h3>";
break;
case 2:
echo "<h3>Welcome Site Administrator</h3>";
break;
case 3:
echo "<h3>Welcome Stock Controller</h3>";
break;
}
?>
<p><a href="display_cust.php">View Customers</a></p>
<p><a href="display_staff.php">View Staff</a></p>
<p><a href="display_vehicle.php">View Vehicles</a></p>
<?php
if($_SESSION['permissions'] == 2) {
// Display the following menu items only if the user has permission level 2
echo "<p><a href='update_staff.php'>Update Staff</a></p>";
}
?>
<?php
if($_SESSION['permissions'] == 3) {
// Display the following menu items only if the user has permission level 3
echo "<p><a href='update_vehicle.php'>Update Vehicles</a></p>";
}
?>
</div>
<!------------------------------------------------ FOOTER --------------------------------------->
<footer id="footer">
<button class="accordion"><h2> SITE MAP </h2></button>
<div id="footer_content">
<h4 id="site_map">Site Map</h4>
<div id="footer_menu">
<ul>
<li><a href="code/index.html">Home</a></li>
<li><a href="code/employee_login.html">Employee Login</a>
</li>
<li><a href="code/privacy.html">Privacy Policy</a></li>
</ul>
<ul>
<li><a href="code/about.html">About</a>
<ul>
<li><a href="code/history.html">History</a></li>
<li><a href="code/our_values.html">Our Values</a></li>
</ul>
</li>
<li><a href="code/specials.html">Specials</a></li>
<li><a href="code/used_vehicles.html">Used Vehicles</a></li>
<li><a href="code/finance.html">Finance</a>
<ul>
<li><a href="code/insurance.html">Insurance</a></li>
</ul>
</li>
<li><a href="code/testimonials.html">Testimonials</a></li>
<li><a href="code/contact.html">Contact</a></li>
</ul>
<div>
<div id="icons">
<a href="https://www.facebook.com" target="_blank"><img src="images/facebook.png" title="Facebook" alt="Facebook" width="50" height="50"></a>
<a href="https://www.youtube.com" target="_blank"><img src="images/youtube.png" title="You Tube" alt="You Tube" width="50" height="50"></a>
<a href="https://www.twitter.com" target="_blank"><img src="images/twitter.png" title="Twitter" alt="Twitter" width="50" height="50"></a>
</div>
</div>
<script>
var acc = document.getElementsByClassName("accordion");
var i;
for (i = 0; i < acc.length; i++) {
acc[i].onclick = function() {
this.classList.toggle("active");
var panel = this.nextElementSibling;
if (panel.style.maxHeight){
panel.style.maxHeight = null;
} else {
panel.style.maxHeight = panel.scrollHeight + "px";}
}
}
</script>
</div>
</div>
<p id="copyright">Copyright © 2017 West Coast Auto</p>
</footer>
</body>
</html>
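Until I log in with a User_privledge_no of 2, and then I can't update certain things, even though I am level 2 and not level 1.
The same thing happens when I log in as someone with level 3 permissions.
Any ideas?
Answer 0: (score: 0)
There is a logic problem with the IF statement.
Consider...
if($_SESSION['permissions'] <> 2 || $_SESSION['permissions'] <> 3) {
This will accept permission levels that are greater or less than 2 or greater or less than 3, which makes any access level acceptable!
What you need here is;
if($_SESSION['permissions'] != 2 && $_SESSION['permissions'] != 3) {
The comment states "if the user level is not 2 or 3". This will fix that logic.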
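The condition discussed in the answer, run side by side with an allow-list check over every level; this is an added example, not code from the question or the answer. The helper `is_allowed`, the `PAGE_ACCESS` map and its per-page rules are assumptions, and the sample session values are constructed.

```php
<?php
// Added example (not from the original post). Levels as given in the question:
// 1 = salesperson, 2 = administrator, 3 = stock controller.

// The condition from site_access.php: true means "redirect to login".
function buggy_denies($level): bool
{
    return $level <> 2 || $level <> 3;   // no value can equal both 2 and 3
}

// Hypothetical allow-list helper: deny unless the level is explicitly listed.
function is_allowed($level, array $allowed): bool
{
    // Fail closed on a missing or non-integer session value.
    if (!is_int($level) && !(is_string($level) && ctype_digit($level))) {
        return false;
    }
    return in_array((int) $level, $allowed, true);
}

// Assumed per-page rules; the page names come from the menu in the question.
const PAGE_ACCESS = [
    'modify_dept1.php'   => [2, 3],
    'update_staff.php'   => [2],
    'update_vehicle.php' => [3],
];

// Constructed sample session values, including malformed ones.
$samples = [1, 2, 3, '2', '2 OR 1', null];

foreach ($samples as $level) {
    printf(
        "%-10s buggy check: %-8s allow-list [2,3]: %s\n",
        var_export($level, true),
        buggy_denies($level) ? 'redirect' : 'allow',
        is_allowed($level, PAGE_ACCESS['modify_dept1.php']) ? 'allow' : 'redirect'
    );
}

// In a real page this would run before any output is sent:
// $page = basename($_SERVER['SCRIPT_NAME']);
// if (!is_allowed($_SESSION['permissions'] ?? null, PAGE_ACCESS[$page] ?? [])) {
//     header("Location: employee_login.html");
//     exit;
// }
```

Hiding the "Update Staff" and "Update Vehicles" links only changes the menu; the same server-side check has to run at the top of each target page for the level to be enforced.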