我想顯示不同的內容,如果用戶是管理員(2),或noarmal用戶(1)。登錄工作正常,但我不知道如果用戶有'usertype'1或2熱檢查?我想使用PHP $ _SESSION。
這是我的登錄表單:
<!-- Log in -->
<form method="post" action="authentication.php">
<input type="text" name="userid" placeholder="E-mail" required/>
<input type="password" name="password" placeholder="Password" required/><br>
<button type="submit" name="submit" class="btn">Log in</button>
</form>
這是我authentication.php:
session_start();
if(isset($_POST['userid']) && isset($_POST['password'])){
$userid = $_POST['userid'];
$password = $_POST['password'];
$dbc = mysqli_connect('localhost', 'root', '', 'news');
if(!$dbc){
echo "Cannot connect to database";
exit;
}
$query = "SELECT * FROM users_tbl WHERE email = '$userid' AND password = sha1('$password')";
$result = $dbc->query($query);
if($result->num_rows)
{
$_SESSION['valid_user'] = $userid;
}
$dbc->close();
}
if(isset($_SESSION['valid_user'])){
header("location:prefs.php");
}else{
header("location:login.php");
echo 'Error';
}
這是我曾嘗試:
<?php
mysql_connect('localhost', 'root', '');
mysql_select_db('news');
$sql = "SELECT users_tbl.usertype FROM users_tbl";
$result = mysql_query($sql);
$user = mysql_fetch_array($result);
$_SESSION['user'] = $user['user'];
$_SESSION['usertype'] = $user['usertype'];
if($_SESSION['user']['usertype'] == 2)
{?>
<h1>Only admin stuff</h1>
<$? }//Endif user is admin(2) ?>
也許不是做的查詢每次檢查用戶是否爲admin,我可以保存一個$ _SESSION ['usertype'],然後用它來檢查用戶是否爲2,爲管理員,也許當用戶登錄?但我不知道該怎麼做。我對此很新穎。
你需要調用'在session_start()'你開始使用'$ _SESSION'瓦爾之前,這可能是一個原因,它不設置它們。 – Stu
session_start()位於每一頁的頂部,用於檢查$ _SESSION ['valid_user']是否已設置 – user1906437