我需要阻止访问$ _SESSION ['role']不等于“ Administrator”或“ Operator”的“ http://localhost/oms/category/index.php”页面。因此,当具有其他角色(而非管理员或操作员)的用户尝试访问上述页面时,该用户将被重定向到另一个页面。没关系。但警报消息不起作用。我怎样才能解决这个问题。
localhost / oms / category / index.php中的代码在这里
session_start();
if (!isset($_SESSION['username'])) {
header('Location: ../login/index.php');
}
if (!($_SESSION['role'] == 'Administrator' || $_SESSION['role'] ==
'Operator')) {
$_SESSION['alert-warning'] = "You do not have permission to access the
page.";
header('Location: ../customer-order/');
}
重定向页面中的代码在这里
<?php
session_start();
if (isset($_SESSION['alert-success'])) {
?>
<div class="alert alert-success" id="success-alert" role="alert" data-auto-
dismiss="2000">
<button type="button" class="close" data-dismiss="alert">x</button>
<strong>Success! </strong>
<?php echo $_SESSION['alert-success']; ?>
</div>
<?php
unset($_SESSION["alert-success"]);
} else if (isset($_SESSION['alert-unsuccess'])) {
?>
<div class="alert alert-danger" id="unsuccess-alert">
<button type="button" class="close" data-dismiss="alert">x</button>
<strong>Error ! </strong>
<?php echo $_SESSION['alert-unsuccess']; ?>
</div>
<?php
unset($_SESSION["alert-unsuccess"]);
} else if (isset($_SESSION['alert-warning'])) {
?>
<div class="alert alert-warning" id="success-alert" role="alert" data-auto-
dismiss="2000">
<button type="button" class="close" data-dismiss="alert">x</button>
<strong>Warning! </strong>
<?php echo $_SESSION['alert-warning']; ?>
</div>
<?php
unset($_SESSION["alert-warning"]);
}
?>
答案 0 :(得分:0)
您的||语句始终为假,将其切换为:
if (!($_SESSION['role'] == 'Administrator' && $_SESSION['role'] ==
'Operator'))