根据数据库值设置会话变量

时间:2020-04-24 14:24:29

标签: php html sql session

因此,基本上,我能够在用户登录后为用户名设置会话变量,但是我还需要根据用户是否为管理员来设置一个会话变量。这可以在用户表的“角色”列中找到。每次我登录时,似乎没有人是管理员,但是我尝试了以下类似的操作... 

    <?php
  session_start();

  $username = "";
  $email = "";
  $role= "";
  $errors = array();

//connect to db
$db = mysqli_connect('localhost', 'root', '', 'jmervyn');

    ...



    //log user in for login Page
  if (isset($_POST['login'])){
    $username = mysqli_real_escape_string($db, $_POST['username']);
    $password = mysqli_real_escape_string($db,$_POST['password']);

    //ensure that form fields are filled correctly
    if (empty($username)){
      array_push($errors,"Username is required");
    }
    if (empty($password)){
      array_push($errors,"Password is required");
    }

    $query2 = "SELECT role FROM users WHERE username = '$username'";
    $role = mysqli_query($db,$query2);

    if (count($errors) == 0){
      $password = md5($password); // encrypt password before comparing with database
      $query = "SELECT * FROM users WHERE username = '$username' AND password = '$password'";
      $result = mysqli_query($db,$query);
      if (mysqli_num_rows($result)==1){
        // log in users
        $_SESSION['username']= $username;
        $_SESSION['role']= $role;
        $_SESSION['success']="You are now logged in";
        header('location: index.php'); //redirect to home page
      }else{
        array_push($errors, "Wrong username/password combination");
      }
    }
  }

要测试此代码,我有一个导航栏,在该导航栏中,我想根据用户角色是否为管理员来确定某些标题。

    <!DOCTYPE html>
<html>
<header>
<h1 class="Training Planner">Training Planner</h1>
<input type="checkbox" id="nav-toggle" class="nav-toggle">
<nav>
  <?php
      if($_SESSION['role'] == "admin") {
      ?>
      <ul class="nav navbar-nav">
        <li><a href="index.php">Home</a></li>
        <li><a href="calendar.php">Calendar</a></li>
        <li><a href="map.php">Map</a></li>
        <li><a href="gyms.php">Gyms</a></li>
      </ul>

      <?php } else { ?>
          <ul class="nav navbar-nav">
            <li><a href="index.php">Home</a></li>
            <li><a href="calendar.php">Calendar</a></li>
            <li><a href="map.php">Map</a></li>
          </ul>
      <?php
      }
  ?>

    enter code here

1 个答案:

答案 0 :(得分:-1)

$ role = mysqli_query($ db,$ query2); 此行从数据库返回一个对象,而不是字符串,要解决此问题,必须从该结果集中获取角色的实际价值。这部分代码必须更改为:

$result = mysqli_query($db,$query2);

if( $result){
 $row = mysqli_fetch_array($result);
 $role= $row["role"];
 $_SESSION['role']= $role;
}
相关问题
最新问题