php - if 语句确定 $_SESSION 数据
问题描述
我创建了一个客户数据库,其中 4-5 名员工可以登录以查看、编辑和删除记录。
我需要列出客户记录的 html 表,以仅在登录的用户 ID ($_SESSION[userID]) 与创建记录的用户 ID 匹配时显示“编辑”和“删除”链接。因此,如果工作人员在 5 条记录中创建了 3 条,他们应该只会看到针对这三条记录的“编辑”和“删除”超链接,而其他两条则什么也看不到。
我已经设法达到会话工作的目的 - 但是,作为 PHP 新手,我不确定将我的 IF 语句放在哪里来回显“编辑”和“删除”链接 - 并且完全迷失了如何编写它确切地。我已经尝试了很多尝试,但现在我的头发被扯掉了!任何帮助将不胜感激。
这是我的会话开始文件(authenticate.php):
<?php
session_start();
$_SESSION["staffID"] = "staffID";
?>
员工登录文件(staff_login.php):
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Staff login</title>
</head>
<body>
<?php
require("db.php");
session_start();
// If form submitted, insert values into the database.
if (isset($_POST['username'])){
// removes backslashes
$username = stripslashes($_REQUEST['username']);
//escapes special characters in a string
$username = mysqli_real_escape_string($con,$username);
$password = stripslashes($_REQUEST['password']);
$password = mysqli_real_escape_string($con,$password);
//Checking if user existing in the database or not
$query = "SELECT * FROM `staff login` WHERE username='$username'
and password='$password'";
$result = mysqli_query($con,$query) or die(mysql_error());
$rows = mysqli_num_rows($result);
if($rows==1){
$_SESSION['username'] = $username;
$_SESSION[staffID] = $rows["$staffID"];
// Redirect user to edit_contact.php - was index.php -
header("Location: edit_contact.php");
}
else
{
echo "<div class='form'>
<h3>Username/password is incorrect.</h3>
<br/>Click here to <a href='staff_login.php'>Login</a></div>";
}
}else{
?>
<div class="form">
<h1>Staff login</h1>
<form action="" method="post" name="login">
<input type="text" name="username" placeholder="Username" required />
<input type="password" name="password" placeholder="Password" required />
<input name="submit" type="submit" value="Login" />
</form>
</div>
<?php } ?>
</body>
</html>
和 php 文件以“编辑”和“删除”超链接显示表中的记录:
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Edit contact</title>
</head>
<body>
<h2>Tate Finance Customer contact details</h2>
<?php
//***edit_contact.php***///
// Developed by: []
// Contact: []
// Created: [November 2018]
// Last Modified: [26 November 2018]
/* Purpose: This file lists all contacts from the mycontacts database in a table for logged in users to add, edit or delete their contacts.*/
//include authenticate.php file on all secure pages
require('db.php');
include("authenticate.php");
?>
<!--Add welcome note to staff user-->
<p>Welcome <?php echo $_SESSION['username']; ?>!</p>
<p><a href="logout.php">Logout</a></p>
<h3><a href="insert.php">Add new customer</a></h3>
<?php
$con = mysqli_connect("localhost","root","xxxxxx","mycontacts");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
else
{
// Show all contacts from database in a table list
$query = "SELECT * FROM contact ORDER BY conName ASC";
$rst = mysqli_query($con,$query);
if($rst)
{
if(mysqli_num_rows($rst)>0)
{
// Table design for contacts list
echo "<table border='1'><tr><td>Edit contact</td><td>Name</td><td>Address</td><td>Phone</td><td>Mobile</td><td>Email</td></tr>";
while ($row = mysqli_fetch_assoc($rst))
{
/* Present contacts details in table list according to id selected, with links to edit or delete according to contactID selected */
/* This is where I think my IF statement needs to go, but can't figure out how/what to write to make it work */
echo "<tr><td><a href=editContact.php?id=".$row['contactID'].">Edit</a><a href=delete_record.php?id=".$row['contactID']."> Delete</a></td><td>".$row['conName']."</td><td>".$row['conAddress']."</td><td>".$row['conPhone']."</td><td>".$row['conMobile']."</td><td>".$row['conEmail']."</td></tr>";
}
echo "</table>";
}
}
else
{
echo "No results found";
}
}
?>
</body>
</html>
解决方案
<?php
while($row = mysqli_fetch_assoc($selectAllCustomer)){
$id = $row['customer_id'];
$name= $row['customer_id'];
$email= $row['customer_email'];
echo "<tr>";
if($_SESSION['staffID'] == $Admin_Id){
echo "<td>".$name."</td>";
echo "<td>".$email."</td>";
echo "<td>";
echo "<a href='editPage.php?edit='".$id."'>Edit</a>";
echo "</td><td>";
echo "<a href='deletePage.php?delete='".$id."'>Delete</a>";
echo "</td>";
}else{
echo "<td>".$name."</td>";
echo "<td>".$email."</td>";
}
echo "</tr>";
}
NB: the valiable $admin_Id, is a id of the creator
?>
推荐阅读
- python - 检查相同数字的相等性返回 False
- reactjs - Firestore:enablePersistence() 然后将 redux 与离线数据库一起使用?
- java - Spring Kafka-何时在后台调用 Consumer.poll()?
- vue.js - 无法使用 axios 和 vue 显示我返回的数组的结果
- amazon-ec2 - 在 GCP Pub/Sub 中设置推送端点时出现无效参数错误
- vim - Vim:从本地目录加载语法文件
- sequelize.js - 如何在续集中使用 ilike 搜索整数
- python - Python 2.7:SyntaxError:文件中的非 ASCII 字符“0xe6”,错误不会消失
- opencl - CodeXL 无法运行 GPU 配置文件
- javascript - 如何反向循环 Cheerio 对象?