我做了一个登录页面,根据他们是否使用正确的详细信息登录,应该为会话['级别'指定不同的组。说管理员登录他得到会话['admin']会话['成员']和会话['理事会'],这些都依赖于他在数据库中的用户级别。 但当我检查会话数组时,我得到: id,username,admin,admin,admin而不是 id,username,admin,council,member。 我用于查询的代码是
//normal user
$queryN= mysql_query("SELECT * From users where username='$username' and hashed_password ='$dash' AND
level='member' LIMIT 1");
//normal council member
$queryC = mysql_query("SELECT * From users where username='$username' and hashed_password ='$dash' AND
level='council' LIMIT 1");
//normal admin
$queryA = mysql_query("SELECT * From users where username='$username' and hashed_password ='$dash' AND
level='admin' LIMIT 1");
//Check whether the query was successful or not
//normal user
if(mysql_num_rows($queryN) == 1)
{session_regenerate_id();
$resultN = mysql_fetch_assoc($queryN);
$_SESSION['user_id'] = $resultN['id'];
$_SESSION['username'] = $resultN['username'];
$_SESSION['member'] = $resultN['level'];
session_write_close();
redirect_to("../public/index.php");
}
//admin user
elseif(mysql_num_rows($queryA) == 1){
session_regenerate_id();
$resultA = mysql_fetch_assoc($queryA);
$_SESSION['user_id'] = $resultA['id'];
$_SESSION['username'] = $resultA['username'];
$_SESSION['admin'] = $resultA['level'];
$_SESSION['member'] = $resultA['level'];
$_SESSION['council'] = $resultA['level'];
session_write_close();
redirect_to("../public/staff.php");
}
//council user
elseif(mysql_num_rows($queryC) == 1){
session_regenerate_id();
$resultC = mysql_fetch_assoc($queryC);
$_SESSION['user_id'] = $resultC['id'];
$_SESSION['username'] = $resultC['username'];
$_SESSION['council'] = $resultC['level'];
$_SESSION['member'] = $resultC['level'];
session_write_close();
redirect_to("../public/index.php");
}else{
//Login failed
redirect_to("../public/login.php");
}
以及检查每个用户凭据的功能是:
session_start();
$_SESSION['ERRMSG_ARR'] = array();
function logged_in() {
return isset($_SESSION['level']);
}
function confirm_logged_in() {
if(!isset ($_SESSION['member']) || (trim($_SESSION['member']) == '')) {
$_SESSION['ERRMSG_ARR'][] = 'You were not Authorised to view that page';
redirect_to("login.php");
}
}
function confirm_login_council() {
if(!isset ($_SESSION['council']) || (trim($_SESSION['council']) == '')) {
$_SESSION['ERRMSG_ARR'][] = 'Sorry but you were not Authorised to view that page';
redirect_to("login.php");
}
}
function confirm_login_admin(){
if(!isset($_SESSION['admin']) || (trim($_SESSION['admin']) == '')) {
$_SESSION['ERRMSG_ARR'][] = 'Unfortunately for you; You were not Authorised to view that page';
redirect_to("login.php");
}
}
并检查我使用的会话数组值:
foreach($_SESSION as $value){
echo $value . " | ";
}
答案 0 :(得分:1)
您正在设置" admin","会员"和"理事会"会话变量为相同的值:
$_SESSION['admin'] = $resultA['level'];
$_SESSION['member'] = $resultA['level'];
$_SESSION['council'] = $resultA['level'];
尝试使用密钥进行打印,以更清楚地了解正在进行的操作:
foreach($_SESSION as $key => $value){
echo $key, ':', $value , ' | ';
}