php - 管理员用户登录使用 2 个表 PhP
问题描述
情况是,我需要在不使用下拉菜单或单选按钮的情况下创建具有用户级别的登录名,而且它有两个表,一个供使用,一个供管理员使用。我已经尝试以各种方式创建它,但它仍然没有进入用户页面
这是代码:
<?php
session_start();
include('configure.php');
date_default_timezone_set("Asia/Manila");
$date = date("y/m/d h:i:a");
$usern = $_POST['username'];
$passw = $_POST['password'];
$_SESSION['admin'] = '';
$_SESSION['user'] = '';
$sql = " SELECT * FROM admin WHERE username = '$usern' AND password = '$passw'";
$result = mysqli_query($conn, $sql);
if($result->num_rows > 0){
while($row = $result->fetch_assoc()){
if($row['username'] = $usern && $row['password'] = $passw){
$_SESSION['admin'] = $usern;
header("location: ../login_admin.php?log=".$_SESSION['admin']);
}
}
}else{
$sql1 = " SELECT * FROM users WHERE username = '$usern' AND password = '$passw'";
$result1 = mysqli_query($conn, $sql1);
if($result1->num_rows > 0){
while($row = $result->fetch_assoc()){
if($row['username'] = $usern && $row['password'] = $passw){
$_SESSION['user'] = $usern;
header("location: ../main.php?log=".$_SESSION['user']);
}else{
header("location: SpaceAdv/index.php");
}
}
}
}
?>
PS configure.php 是与数据库和本地主机的连接,谢谢
解决方案
使用您的架构修复代码
<?php
session_start();
include('configure.php');
date_default_timezone_set("Asia/Manila");
$date = date("y/m/d h:i:a");
$usern = $_POST['username'];
$passw = $_POST['password'];
$_SESSION['admin'] = '';
$_SESSION['user'] = '';
$sql = " SELECT * FROM admin WHERE username = '$usern' AND password = '$passw'";
$result = mysqli_query($conn, $sql);
if ($result->num_rows === 1) {
//Current user is in Admin table, hence he/she is an admin
$_SESSION['admin'] = $usern;
header("location: ../login_admin.php?log=".$_SESSION['admin']);
exit(0);
} elseif ($result->num_rows > 1) {
//there should not be more than one rows with same credentials. Two rows with same (username, password), Make username primary key.
throw new Exception("Multiple entry with same username and password in admin table");
} else {
//Given credentials are not in admin table, check user table.
$sql1 = " SELECT * FROM users WHERE username = '$usern' AND password = '$passw'";
$result1 = mysqli_query($conn, $sql1);
if ($result->num_rows === 1) {
$_SESSION['user'] = $usern;
header("location: ../main.php?log=".$_SESSION['user']);
} elseif ($result->num_rows > 1) {
throw new Exception("Multiple entry with same username and password in user table");
}
else {
//Nither in User nor in admin table
header("location: SpaceAdv/index.php");
}
}
?>
推荐的方法
请阅读一些关于基于角色的访问控制的文章。下面是一篇关于如何实现相同功能的精彩文章。
推荐阅读
- android - 如果我在 Android 的运行时写了一些代码。如果我想在应用程序中调用此代码,我该怎么办?
- google-chrome - 使用“remote-debugging-port”标志调试 Chrome 实例
- javascript - PHP Memcache 无法获取 Node js memcached-promisify 模块设置的键
- asp.net - 我无法使用 dotnet run 构建和运行我的项目
- html - 如何动态启用文本框?
- sql-server - 如何找到使用 SET ANSI_NULLS OFF 创建的例程?
- excel - 在 Sheet2 中自动过滤并在 Sheet1 中使用 SUMIF 的过滤范围
- wordpress - 如何在单击 CF7 提交按钮时在弹出窗口中显示 grecaptcha?
- git - 如何在 Azure Pipelines 中获取 Git 标记
- c# - WPF - 找不到应用程序 xaml 文件中定义的资源