php - 如果用户是管理员显示某些链接,如果用户是用户显示其他链接
问题描述
美好的一天
我似乎做错了什么。我不是 php 的专业人士和新手,如果我的问题很愚蠢,我仍在学习非常抱歉。
因此,如果用户是管理员或用户,我想显示某些链接。创建用户时,他们为用户或管理员选择一个复选框,并将其作为用户或管理员保存到数据库中。
这是我的登录表单代码
<?php session_start(); ?>
<?php
include("connect.php");
include("indexheader.php");
if(isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true){
header("location: index.php");
exit;
}
// Define variables and initialize with empty values
$username = $password = "";
$username_err = $password_err = "";
// Processing form data when form is submitted
if($_SERVER["REQUEST_METHOD"] == "POST"){
// Check if username is empty
if(empty(trim($_POST["username"]))){
$username_err = "Please enter username.";
} else{
$username = trim($_POST["username"]);
}
// Check if password is empty
if(empty(trim($_POST["password"]))){
$password_err = "Please enter your password.";
} else{
$password = trim($_POST["password"]);
}
// Validate credentials
if(empty($username_err) && empty($password_err)){
// Prepare a select statement
$sql = "SELECT user_id, username, password FROM login WHERE username = ?";
if($stmt = mysqli_prepare($con, $sql)){
// Bind variables to the prepared statement as parameters
mysqli_stmt_bind_param($stmt, "s", $param_username);
// Set parameters
$param_username = $username;
// Attempt to execute the prepared statement
if(mysqli_stmt_execute($stmt)){
// Store result
mysqli_stmt_store_result($stmt);
// Check if username exists, if yes then verify password
if(mysqli_stmt_num_rows($stmt) == 1){
// Bind result variables
mysqli_stmt_bind_result($stmt, $id, $username, $hashed_password);
if(mysqli_stmt_fetch($stmt)){
if(password_verify($password, $hashed_password)){
// Password is correct, so start a new session
session_start();
// Store data in session variables
$_SESSION["loggedin"] = true;
$_SESSION["user_id"] = $id;
$_SESSION["username"] = $username;
$_SESSION["permissions"] = "Admin";
$_SESSION["permissions"] = "User";
// Redirect user to welcome page
header("location: welcome.php");
} else{
// Display an error message if password is not valid
$password_err = "The password you entered was not valid.";
}
}
} else{
// Display an error message if username doesn't exist
$username_err = "No account found with that username.";
}
} else{
echo "Oops! Something went wrong. Please try again later.";
}
// Close statement
mysqli_stmt_close($stmt);
}
}
// Close connection
mysqli_close($con);
}
?>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>SKC South Africa</title>
<link rel="stylesheet" type="text/css" href="indexcrud.css">
</head>
<div class="row">
<div class="col-md-6 col-md-offset-3">
<div class="box">
<h3>Login</h3>
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
<div class="form-group <?php echo (!empty($username_err)) ? 'has-error' : ''; ?>">
<label>Username</label>
<input type="text" name="username" class="form-control" value="<?php echo $username; ?>">
<span class="help-block"><?php echo $username_err; ?></span>
</div>
<div class="form-group <?php echo (!empty($password_err)) ? 'has-error' : ''; ?>">
<label>Password</label>
<input type="password" name="password" class="form-control">
<span class="help-block"><?php echo $password_err; ?></span>
</div>
<button type="submit" name="submit" class="btn btn-success button">Login</button>
</form>
</div>
</div>
</div>
</head>
</html>
登录后,他们将被定向到下面的欢迎页面代码
<?php
// Initialize the session
session_start();
// Check if the user is logged in, if not then redirect him to login page
if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true){
header("location: index.php");
exit;
}
?>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>SKC South Africa</title>
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
<link rel="stylesheet" type="text/css" href="indexcrud.css">
</head>
<body>
<div class="container">
<nav class="navbar navbar-default">
<div class="container-fluid">
<div class="navbar-header">
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar" aria-expanded="false" aria-controls="navbar">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="index.php">SKC South Africa</a>
</div>
<div id="navbar" class="navbar-collapse collapse">
<form action="" method="POST" enctype="multipart/form-data">
<ul class="nav navbar-nav">
<li class="active"><a href="welcome.php">Home</a></li>
<li><a href='logout.php'>Logout</a></li>
</form>
</ul>
</div><!--/.nav-collapse -->
</div><!--/.container-fluid -->
</nav>
<h3>Welcome <?php echo htmlspecialchars($_SESSION["username"]); ?>!</h3>
<p><?php echo ("<div class='alert alert-success'>Successfully logged in!</div>")?></p>
<br/>
<?php
if(isset($_SESSION["permissions"]) == "User") //check if user is a user and display buttons
{
?>
<a href="view.php"><?php echo ("<div class='btn btn-primary' style='text-align: center;'>Click here to View and Add Products!</div>")?></a><br><br>
<a href="viewfeatured.php"><?php echo ("<div class='btn btn-primary' style='text-align: center;'>Click here to View and Add Featured Products!</div>")?></a><br><br>
<?php } elseif(isset($_SESSION["permissions"]) == "Admin") //check if user is an admin and display buttons
{
?>
<a href="view.php"><?php echo ("<div class='btn btn-primary' style='text-align: center;'>Click here to View and Add Products!</div>")?></a><br><br>
<a href="viewfeatured.php"><?php echo ("<div class='btn btn-primary' style='text-align: center;'>Click here to View and Add Featured Products!</div>")?></a><br><br>
<a href="viewuser.php"><?php echo ("<div class='btn btn-primary' style='text-align: center;'>Click here to View and Add Users!</div>")?></a>
<?php }else{ // if user is not logged in then display these buttons?>
<li><a href="signin.php">Sign In</a></li>
<li><a href="signup.php">Sign Up</a></li>
<?php } ?>
</div>
<br><br><br>
<div class="container">
<div class="jumbotron">
<h1>SKC South Africa</h1>
<h3>Welcome to SKC Content Managment Site (CMS)</h3><br>
<p>With this system you will be able to:</p>
<ul style="font-size: 12pt;">
<li>Add new Products, Details, Specifications and Links</li>
<li>Update Products, Details, Specifications and Links</li>
<li>Delete Products, Details, Specifications and Links</li><br>
<li>Add new Featured Products</li>
<li>Update Featured Products</li>
</ul><br>
<p>Live previews can be view under the view products tab and is selected per category.</p>
</div>
</div>
我似乎无法让这部分工作
<?php
if(isset($_SESSION["permissions"]) == "User") //check if user is a user and display buttons
{
?>
<a href="view.php"><?php echo ("<div class='btn btn-primary' style='text-align: center;'>Click here to View and Add Products!</div>")?></a><br><br>
<a href="viewfeatured.php"><?php echo ("<div class='btn btn-primary' style='text-align: center;'>Click here to View and Add Featured Products!</div>")?></a><br><br>
<?php } elseif(isset($_SESSION["permissions"]) == "Admin") //check if user is an admin and display buttons
{
?>
<a href="view.php"><?php echo ("<div class='btn btn-primary' style='text-align: center;'>Click here to View and Add Products!</div>")?></a><br><br>
<a href="viewfeatured.php"><?php echo ("<div class='btn btn-primary' style='text-align: center;'>Click here to View and Add Featured Products!</div>")?></a><br><br>
<a href="viewuser.php"><?php echo ("<div class='btn btn-primary' style='text-align: center;'>Click here to View and Add Users!</div>")?></a>
<?php }else{ // if user is not logged in then display these buttons?>
<?php } ?>
上面代码的结果是,无论用户设置为用户还是管理员,它都只显示第一个权限 = 用户,因此用户和管理员用户都只显示 2 个链接。我做错了什么,请帮忙。
您的帮助将不胜感激。
解决方案
推荐阅读
- swift - AVPlayerItem loadedTimeRanges 返回 WAV 文件的错误持续时间
- javascript -
- if-statement - 进程行中 vhdl 代码中的语法错误
- sql - 如何计算 Hive 中值出现的次数
- xcode - fatal error: 'boost/preprocessor/control/expr_iif.hpp' file not found
- json - 在 Openresty 中使用 cjson Lua 模块解析缺少字段的 JSON
- coq - 如何证明一个奇数是coq中nat的double的后继?
- javascript - 自动放大图像的某个位置
- reactjs - 出口类与声明类反应的区别
- firebase - 为新用户创建试用帐户以使用 Firebase 测试 Web 应用构建:我应该如何计算试用期?