Php 如何在一次登录中修复两个用户的单独会话
index.phpPhp 如何在一次登录中修复两个用户的单独会话,php,sql,session,Php,Sql,Session,index.php <form class="form" id="ex-form" method="post" action="index.php"> <input type="text" placeholder="Email" name="email"> <input type="password" placeholder="Password" name="password"> <button type="submit" id="login-butto
<form class="form" id="ex-form" method="post" action="index.php">
<input type="text" placeholder="Email" name="email">
<input type="password" placeholder="Password" name="password">
<button type="submit" id="login-button" name="login">Login</button>
</form>
<?php
session_start();
include 'db/db_connection.php';
if (isset($_POST['login'])) {
$email = $_POST['email'];
$password = $_POST['password'];
if($_POST['email']=="" || $_POST['password']==""){ //To check whether username and password fields are blank
$create_error_message='Blank Email OR Password...';
}else{
$sql="SELECT * FROM user WHERE email='$email' AND password='$password' AND status='1'";
$result=mysqli_query($dbcon,$sql);
$row=mysqli_fetch_array($result);
$_SESSION["status"] =$row['status'];
$_SESSION["user_type_id"] =$row['user_type_id'];
$_SESSION["first_name"] =$row['first_name'];
$count=mysqli_num_rows($result);
if ($count > 0) {
$user = $row['user_id'];
date_default_timezone_set('Asia/Colombo');
$date = date('Y-m-d');
$time = date('h:i:s');
$sql2 = mysqli_query($dbcon,"INSERT INTO `login_sessions` (`date`, `time`, `user_id`) VALUES ('$date', '$time', '$user')")or die(mysql_error());
if ($sql2) {
$_SESSION['user'] = $user;
if ($_SESSION["user_type_id"] == 1){
header("Location: src/system/modules/login/dashboard.php");
//echo "WLCOME ADMIN";
}else if($_SESSION["user_type_id"] == 2){
header("Location: src/system/modules/login/dashboard.php");
//echo "WLCOME Examiner";
}else if($_SESSION["user_type_id"] == 3){
//header("Location: ");
echo "WLCOME Job Seeker";
}else{
//header("Location: ");
}
}//if($sql2)
}//if count end
} //else
} //login
?>
<?php
session_start();
include '../../db/db_connection.php';
$date = date('Y-m-d');
if(!empty($_SESSION['user'])){
?>
<html>
<body>
<div id="ad">
<?php
$query_user=mysqli_query($dbcon,"SELECT * FROM user WHERE user_id='".$_SESSION['user']."'")or die(mysql_error());
$row_user=mysqli_fetch_array($query_user);
?>
<h3 style="color:#333; margin-left:20px;">Welcome
<?php echo $row_user['first_name']." ". $row_user['last_name']; ?>
</h3><br />
</div><!--ad-->
</body>
</html>
用户类型
user_type_id user_type_name
1 admin
2 examiner
3 jobseeker
在这里,我有一个登录到所有用户。当我以管理员身份登录时,它将在dashboard.php中预览管理员的名字和姓氏
我将打开下一个浏览器选项卡并以审查员身份登录。然后它将在dashboard.php中预览考官的名字和姓氏。但是在前面的选项卡(以管理员身份登录)中,更改了值。它将预览考官的名字和姓氏
所以这两个标签我分别以管理员和考官的身份登录。但是会话并不正确。如何修复此错误???在同一浏览器中,您在哪里看到两个登录会话?我不知道你希望它表现如何?真正的问题是你如何在第二个选项卡中显示登录页面。你在登录查询中得到了sql注入。我如何修复错误正如用户2659982所说,你让门敞开着:/check,而且,如果我没有弄错,浏览器选项卡将为网站保留一个会话cookie,如这里所述@OldPadawan right。但是使用get参数(或者会话值,我想也可以),您可以
$\u session[$\u session['isAdmin']]['SomeKey']
有点麻烦,但这就是包装类的用途。
user_type_id user_type_name
1 admin
2 examiner
3 jobseeker