0
後,我有下面的代碼:重定向到相同的URL登錄
<?php
require_once('includes/dbcon.php');
//Start the session
session_start();
//Clear the error message
$error_msg = "";
$x="";
$role_booking = trim("booking");
$role_admin = trim("admin");
if(!isset($_SESSION['username']) && !isset($_SESSION['role']))
{
if (isset($_POST['submit']))
{
//Connect to database
$dbc = mysqli_connect(SRKBS_SERVER, SRKBS_USER, SRKBS_PWD, SRKBS_DB) or die('error connecting to db : ' . mysqli_connect_error());
$user_username = mysqli_real_escape_string($dbc, trim($_POST['txtUserName']));
$user_password = mysqli_real_escape_string($dbc, trim($_POST['txtPassword']));
$user_role = mysqli_real_escape_string($dbc, trim($_POST['domain']));
if(!empty($user_username) && !empty($user_password) && !empty($user_role))
{
$query = "Select username, password, role from users where username = '$user_username' and password = SHA('$user_password') and role = '$user_role'";
$data = mysqli_query($dbc, $query);
if(mysqli_num_rows($data) == 1)
{
$row = mysqli_fetch_array($data);
$_SESSION['username'] = $row['username'];
$_SESSION['role'] = $row['role'];
if($_SESSION['role'] == $role_booking)
{
$home_url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . 'Booking/';
header('Location: ' . $home_url);
}
elseif($_SESSION['role'] == $role_admin)
{
$home_url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . 'Admin/';
header('Location: ' . $home_url);
}
else
{
$home_url = 'http://' . $_SERVER['HTTP_HOST'];
header('Location: ' . $home_url);
}
}
else
{
$error_msg = "Invalid Credentials.";
$x=1;
}
mysqli_close($dbc);
}
else
{
$error_msg = "Login Credentials cannot be empty!";
$x=1;
}
}
}
>
上面的代碼是主頁登錄屏幕的應用程序的一部分?發生了什麼是,登錄後我被扔回主頁,而不是被重定向基於角色。
請指教。提前致謝。
將值賦給'$ _SESSION ['role']'的位置? –
使用$ _SERVER [「HTTP_REFERER」]; –
$ _SERVER [「HTTP_REFERER」]不可靠:http://stackoverflow.com/questions/12369615/serverhttp-referer-missing。假設用戶來自特定於角色的主頁的登錄頁面,我們知道他們沒有登錄頁面,因爲他們提交了登錄頁面的表單。 – UberDoodles