我有2个登录,一个用于管理表,另一个用于收银台。所以现在发生的事情就是每当我登录其中任何一个时,另一个当我刷新它时也会记录。当我在管理员中点击退出然后刷新收银员时,我也退出了同样的情况。我不 知道我的代码中有什么不对。
P.S。这两个表只在一个数据库中。但我不认为它需要2个数据库才能进行2次登录。
这是admin_tbl的代码index.php
<?php
/** *index.php **/
session_unset();
session_start();
require_once 'includes/database.php';
$error = '';
if (isset($_POST['login']))
{
$uname = $_POST['username'];
$pword = $_POST['password'];
$sql = "SELECT * FROM admin_tbl WHERE uname='$uname' AND pword='$pword' LIMIT 1";
$result = mysqli_query(connection(), $sql);
$user = mysqli_fetch_array($result, MYSQLI_BOTH);
if ($user)
{
$_SESSION['user_id'] = $user['id']; $_SESSION['name'] = $user['lastname'] . ', ' . $user['firstname'];
header("Location: user_maintenance.php");
}
else
echo '<script language="javascript">';
echo 'alert("Account does not exist!")';
echo '</script>';
}
if (isset($_SESSION['user_id']))
{
header("Location: user_maintenance.php");
}
?>
<html>
<head>
<title>Log In</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=no"> <link href="css/bootstrap.css" rel="stylesheet"> <link href="css/style.css" rel="stylesheet">
<!-- jQuery (necessary for Bootstrap's JavaScript plugins) -->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js"> </script>
<!-- Include all compiled plugins (below), or include individual files as needed -->
<script src="js/bootstrap.min.js"></script>
<style type="text/css">
body {
background:url(images/jerica.jpg)fixed no-repeat center;
background-size:cover;
font-family: 'helvetica','Source Sans Pro', sans-serif;
color: ;
font-weight: 300;
padding-top: 110px;
}
.navbar {
background-color: #0A3D73;
}
.navbar-brand {
height: 100px;
line-height: 70px;
color: #fff !important;
}
.footer {
width: 100%;
position: absolute;
bottom: 20px;
}
.newtext{
color: grey;
}
@media (max-width: 367px){
.login-form {
margin-top: 5px;
}
}
</style>
</head>
<body>
<div class="container">
<div class="row">
<div class="col-sm-4 col-sm-offset-4 well login-form" style="margin-top:40px; background:rgba(0,0,0,0.65);"> <form action="" method="post" class="form-horizontal" role="form">
<h1 class = "newtext"><center>Login</center></h1>
<?php if ($error != ''): ?>
<div class="alert alert-danger alert-dismissible" role="alert">
<button type="button" class="close" data-dismiss="alert" aria-label="Close"> <span aria-hidden="true">×</span></button>
<?= $error ?>
</div>
<?php endif; ?>
<div class="form-group col-sm-12"> <div class="input-group"> <span class="input-group-addon"><i class="glyphicon glyphicon-user"></i></span>
<input type="text" name="username" class="form-control" placeholder="Username" required>
</div>
</div>
<div class="form-group col-sm-12">
<div class="input-group" style="padding-bottom: 10px"> <span class="input-group-addon"> <i class="glyphicon glyphicon-lock"></i></span>
<input type="password" name="password" class="form-control" placeholder="Password" required>
</div>
</div>
<input type="hidden" name="student" value="student">
<div class="form-inline">
<center><button class="btn btn-primary" type="submit" name="login"> Log In</button>
</form>
</div>
</div>
</div>
</body>
</html>
这是cashier_tbl
的index.php代码<?php
/** *index.php **/
session_unset();
session_start();
require_once 'includes/database.php';
$error = '';
if (isset($_POST['login']))
{
$uname = $_POST['username'];
$pword = $_POST['password'];
$sql = "SELECT * FROM cashier_tbl WHERE uname='$uname' AND pword='$pword' LIMIT 1";
$result = mysqli_query(connection2(), $sql);
$user = mysqli_fetch_array($result, MYSQLI_BOTH);
if ($user)
{
$_SESSION['user_id'] = $user['id']; $_SESSION['name'] = $user['lastname'] . ', ' . $user['firstname'] . ' ' . $user['middlename'];
header("Location: order.php");
}
else
echo '<script language="javascript">';
echo 'alert("Account does not exist!")';
echo '</script>';
}
if (isset($_SESSION['user_id']))
{
header("Location: order.php");
}
?>
<html>
<head>
<title>Log In</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=no"> <link href="css/bootstrap.css" rel="stylesheet"> <link href="css/style.css" rel="stylesheet">
<!-- jQuery (necessary for Bootstrap's JavaScript plugins) -->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js"> </script>
<!-- Include all compiled plugins (below), or include individual files as needed -->
<script src="js/bootstrap.min.js"></script>
<style type="text/css">
body {
background:url(images/jerica.jpg)fixed no-repeat center;
background-size:cover;
font-family: 'helvetica','Source Sans Pro', sans-serif;
color: ;
font-weight: 300;
padding-top: 110px;
}
.navbar {
background-color: #0A3D73;
}
.navbar-brand {
height: 100px;
line-height: 70px;
color: #fff !important;
}
.footer {
width: 100%;
position: absolute;
bottom: 20px;
}
.newtext{
color: grey;
}
@media (max-width: 367px){
.login-form {
margin-top: 5px;
}
}
</style>
</head>
<body>
<div class="container">
<div class="row">
<div class="col-sm-4 col-sm-offset-4 well login-form" style="margin-top:40px; background:rgba(0,0,0,0.65);"> <form action="" method="post" class="form-horizontal" role="form">
<h1 class = "newtext"><center>Login</center></h1>
<?php if ($error != ''): ?>
<div class="alert alert-danger alert-dismissible" role="alert">
<button type="button" class="close" data-dismiss="alert" aria-label="Close"> <span aria-hidden="true">×</span></button>
<?= $error ?>
</div>
<?php endif; ?>
<div class="form-group col-sm-12"> <div class="input-group"> <span class="input-group-addon"><i class="glyphicon glyphicon-user"></i></span>
<input type="text" name="username" class="form-control" placeholder="Username" required>
</div>
</div>
<div class="form-group col-sm-12">
<div class="input-group" style="padding-bottom: 10px"> <span class="input-group-addon"> <i class="glyphicon glyphicon-lock"></i></span>
<input type="password" name="password" class="form-control" placeholder="Password" required>
</div>
</div>
<input type="hidden" name="student" value="student">
<div class="form-inline">
<center><button class="btn btn-primary" type="submit" name="login"> Log In</button>
</form>
</div>
</div>
</div>
</body>
</html>
更新:谢谢你们!它帮助了我。
答案 0 :(得分:1)
为用户使用会话变量,为收银员使用会话变量。所以
$_SESSION['admin_logged_in']
和
$_SESSION['cashier_logged_in']
或其他......
(另请阅读此http://php.net/manual/en/security.database.sql-injection.php)
答案 1 :(得分:0)
因为您使用的是相同的会话变量 对不同的登录使用不同的会话变量。