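Why are my 2 accounts logged in at the same time?

Time: 2017-09-15 13:34:15

Tags: php sql login

I have 2 logins, one for the admin table and the other for the cashier. What happens now is that whenever I log in to either of them, the other one is also logged in when I refresh it. When I click log out in admin and then refresh the cashier, I am logged out there as well. I don't know what is wrong with my code.

P.S. The two tables are in just one database. But I don't think it needs 2 databases to have 2 logins.

This is the index.php code for admin_tbl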

<?php
/** index.php (admin login) **/
session_unset();
session_start();
require_once 'includes/database.php';
$error = '';
if (isset($_POST['login']))
{
    $uname = $_POST['username'];
    $pword = $_POST['password'];
    // Query as posted: the form values are interpolated directly into the SQL string.
    $sql = "SELECT * FROM admin_tbl WHERE uname='$uname' AND pword='$pword' LIMIT 1";
    $result = mysqli_query(connection(), $sql);
    $user = mysqli_fetch_array($result, MYSQLI_BOTH);
    if ($user)
    {
        // Session key as posted: the cashier index.php writes the same 'user_id' key.
        $_SESSION['user_id'] = $user['id'];
        $_SESSION['name'] = $user['lastname'] . ', ' . $user['firstname'];
        header("Location: user_maintenance.php");
        exit;
    }
    else
    {
        // Braces added so the whole alert is emitted only on a failed login.
        echo '<script language="javascript">';
        echo 'alert("Account does not exist!")';
        echo '</script>';
    }
}
if (isset($_SESSION['user_id']))
{
    header("Location: user_maintenance.php");
    exit;
}

    ?>
    <html> 
    <head> 
    <title>Log In</title>
    <meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=no"> <link href="css/bootstrap.css" rel="stylesheet"> <link href="css/style.css" rel="stylesheet"> 
    <!-- jQuery (necessary for Bootstrap's JavaScript plugins) -->
    <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js"> </script> 
    <!-- Include all compiled plugins (below), or include individual files as needed --> 
    <script src="js/bootstrap.min.js"></script> 
    <style type="text/css"> 
    body {

    background:url(images/jerica.jpg)fixed no-repeat center;
    background-size:cover;
    font-family: 'helvetica','Source Sans Pro', sans-serif;
    color: ;
    font-weight: 300;
        padding-top: 110px; 
        } 
    .navbar {
            background-color: #0A3D73;
            } 
    .navbar-brand { 
    height: 100px;
    line-height: 70px; 
    color: #fff !important;
    } 
    .footer { 
    width: 100%;
    position: absolute;
    bottom: 20px; 
    }
    .newtext{
        color: grey;
    }
    @media (max-width: 367px){ 
    .login-form {
        margin-top: 5px; 
        }
            }
        </style> 
        </head> 
        <body> 
        <div class="container">
        <div class="row">
        <div class="col-sm-4 col-sm-offset-4 well login-form" style="margin-top:40px; background:rgba(0,0,0,0.65);"> <form action="" method="post" class="form-horizontal" role="form">
        <h1 class = "newtext"><center>Login</center></h1>
        <?php if ($error != ''): ?>
        <div class="alert alert-danger alert-dismissible" role="alert">
        <button type="button" class="close" data-dismiss="alert" aria-label="Close"> <span aria-hidden="true">&times;</span></button>
        <?= $error ?>
        </div>
        <?php endif; ?> 
        <div class="form-group col-sm-12"> <div class="input-group"> <span class="input-group-addon"><i class="glyphicon glyphicon-user"></i></span> 
        <input type="text" name="username" class="form-control" placeholder="Username" required> 
        </div> 
        </div> 
        <div class="form-group col-sm-12"> 
        <div class="input-group" style="padding-bottom: 10px"> <span class="input-group-addon"> <i class="glyphicon glyphicon-lock"></i></span> 
        <input type="password" name="password" class="form-control" placeholder="Password" required> 
        </div> 
        </div> 
        <input type="hidden" name="student" value="student"> 
        <div class="form-inline">
        <center><button class="btn btn-primary" type="submit" name="login"> Log In</button></center>
        </div>
        </form>
        </div>
        </div>
        </div>
        </body>
        </html>

This is the index.php code for cashier_tbl

<?php
/** index.php (cashier login) **/
session_unset();
session_start();
require_once 'includes/database.php';
$error = '';
if (isset($_POST['login']))
{
    $uname = $_POST['username'];
    $pword = $_POST['password'];
    // Query as posted: the form values are interpolated directly into the SQL string.
    $sql = "SELECT * FROM cashier_tbl WHERE uname='$uname' AND pword='$pword' LIMIT 1";
    $result = mysqli_query(connection2(), $sql);
    $user = mysqli_fetch_array($result, MYSQLI_BOTH);
    if ($user)
    {
        // Session key as posted: the admin index.php writes the same 'user_id' key.
        $_SESSION['user_id'] = $user['id'];
        $_SESSION['name'] = $user['lastname'] . ', ' . $user['firstname'] . ' ' . $user['middlename'];
        header("Location: order.php");
        exit;
    }
    else
    {
        // Braces added so the whole alert is emitted only on a failed login.
        echo '<script language="javascript">';
        echo 'alert("Account does not exist!")';
        echo '</script>';
    }
}
if (isset($_SESSION['user_id']))
{
    header("Location: order.php");
    exit;
}

    ?>
    <html> 
    <head> 
    <title>Log In</title>
    <meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=no"> <link href="css/bootstrap.css" rel="stylesheet"> <link href="css/style.css" rel="stylesheet"> 
    <!-- jQuery (necessary for Bootstrap's JavaScript plugins) -->
    <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js"> </script> 
    <!-- Include all compiled plugins (below), or include individual files as needed --> 
    <script src="js/bootstrap.min.js"></script> 
    <style type="text/css"> 
    body {

    background:url(images/jerica.jpg)fixed no-repeat center;
    background-size:cover;
    font-family: 'helvetica','Source Sans Pro', sans-serif;
    color: ;
    font-weight: 300;
        padding-top: 110px; 
        } 
    .navbar {
            background-color: #0A3D73;
            } 
    .navbar-brand { 
    height: 100px;
    line-height: 70px; 
    color: #fff !important;
    } 
    .footer { 
    width: 100%;
    position: absolute;
    bottom: 20px; 
    }
    .newtext{
        color: grey;
    }
    @media (max-width: 367px){ 
    .login-form {
        margin-top: 5px; 
        }
            }
        </style> 
        </head> 
        <body> 
        <div class="container">
        <div class="row">
        <div class="col-sm-4 col-sm-offset-4 well login-form" style="margin-top:40px; background:rgba(0,0,0,0.65);"> <form action="" method="post" class="form-horizontal" role="form">
        <h1 class = "newtext"><center>Login</center></h1>
        <?php if ($error != ''): ?>
        <div class="alert alert-danger alert-dismissible" role="alert">
        <button type="button" class="close" data-dismiss="alert" aria-label="Close"> <span aria-hidden="true">&times;</span></button>
        <?= $error ?>
        </div>
        <?php endif; ?> 
        <div class="form-group col-sm-12"> <div class="input-group"> <span class="input-group-addon"><i class="glyphicon glyphicon-user"></i></span> 
        <input type="text" name="username" class="form-control" placeholder="Username" required> 
        </div> 
        </div> 
        <div class="form-group col-sm-12"> 
        <div class="input-group" style="padding-bottom: 10px"> <span class="input-group-addon"> <i class="glyphicon glyphicon-lock"></i></span> 
        <input type="password" name="password" class="form-control" placeholder="Password" required> 
        </div> 
        </div> 
        <input type="hidden" name="student" value="student"> 
        <div class="form-inline">
        <center><button class="btn btn-primary" type="submit" name="login"> Log In</button></center>
        </div>
        </form>
        </div>
        </div>
        </div>
        </body>
        </html>

Update: Thank you, guys! It helped me.

2 answers:

Answer 0: (score: 1)

Use a session variable for the user and a session variable for the cashier. So

$_SESSION['admin_logged_in']

$_SESSION['cashier_logged_in']

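or something else...

(Also read this: http://php.net/manual/en/security.database.sql-injection.php)

Answer 1: (score: 0)

Because you are using the same session variable. Use different session variables for the different logins.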
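
Added example (not code from the question or from either answer): one way to give each login its own session key, as both answers suggest, while binding the username in a prepared statement as the linked PHP manual page recommends. The session key names, the helper functions and the `$db` connection are hypothetical, and the example assumes `pword` holds a `password_hash()` value, whereas the posted code compares plain text.

```php
<?php
// Added example, not the poster's code. Assumes the page's tables (admin_tbl,
// cashier_tbl) with columns id, uname, pword, and that pword stores a
// password_hash() value (an assumption; the posted code compares plain text).

// Role -> [table, session key]. Fixed allow-list, so the table name placed in
// the SQL string never comes from user input. Key names are hypothetical.
const ROLES = [
    'admin'   => ['admin_tbl',   'admin_user_id'],
    'cashier' => ['cashier_tbl', 'cashier_user_id'],
];

function login(mysqli $db, string $role, string $uname, string $pword): bool
{
    if (!isset(ROLES[$role])) {
        return false;                  // unknown role: refuse
    }
    [$table, $key] = ROLES[$role];
    // Prepared statement: the username is bound, not interpolated.
    $stmt = $db->prepare("SELECT id, pword FROM $table WHERE uname = ? LIMIT 1");
    $stmt->bind_param('s', $uname);
    $stmt->execute();
    $stmt->bind_result($id, $hash);
    $found = $stmt->fetch();
    $stmt->close();
    if (!$found || !password_verify($pword, $hash)) {
        return false;
    }
    session_regenerate_id(true);       // fresh session id after authentication
    $_SESSION[$key] = $id;             // only this role's key is set
    return true;
}

function is_logged_in(string $role): bool
{
    return isset(ROLES[$role]) && isset($_SESSION[ROLES[$role][1]]);
}

function logout(string $role): void
{
    if (isset(ROLES[$role])) {
        unset($_SESSION[ROLES[$role][1]]);  // the other role's login stays intact
    }
}

session_start();
// Cashier index.php ($db is a hypothetical mysqli connection):
// if (isset($_POST['login']) && login($db, 'cashier', $_POST['username'], $_POST['password'])) {
//     header('Location: order.php'); exit;
// }
```

Each protected page then checks only its own role, for example `is_logged_in('admin')` on user_maintenance.php, so logging out of one panel no longer ends the other.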