不同用户级别的PHP登录
我正在创建具有不同用户级别的登录。如果用户名和密码为admin或staff,如何将my table users的user_level字段设置为comapare 代码如下:不同用户级别的PHP登录,php,sql,Php,Sql,我正在创建具有不同用户级别的登录。如果用户名和密码为admin或staff,如何将my table users的user_level字段设置为comapare 代码如下: <?php include("../config/database.php"); if(isset($_POST["login"])) { $username = $_POST['username']; $password = $_POST['password']; $username = stripsl
<?php
include("../config/database.php");
if(isset($_POST["login"]))
{
$username = $_POST['username'];
$password = $_POST['password'];
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$query = "SELECT * FROM users
WHERE username= '$username' OR email= '$username'
AND password='$password'";
$result = mysql_query($query);
$count = mysql_num_rows($result);//counting table rows
if($count==1)
{//check if found username and password
if(user_level == "admin")
{
header("Location: ../views/admin/dashboard.php");
}
elseif(user_level=="patient")
{
header("Location: ../views/default/home.php");
}
}
else
{
echo "WRONG USERNAME OR PASSWORD!";
}
}
?>
应该是
$record=mysql_fetch_assoc($result);
if($record["user_level"] == "admin"){
首先,试着用括号分开
$sql = "SELECT * FROM users
WHERE (username= '$username' OR email= '$username')
AND password='$password'";";
而且mysql.*
函数也被删除。您可以使用mysqli.*
或PDO
来解决这个问题
为了回答您的问题,您是否有一个字段确定表中用户的角色?如果是这样,只需返回字段并检查用户是否是适当的角色
例如:
$data = mysql_fetch_assoc($result);
if ($data["user_level"] == "admin" ){
...
}
您应该在数据库表users
中添加一个字段user\u level
。您可以在注册级别为其分配值admin
或patient
之后,对新变量$previlage
使用相同的查询。然后使用它从数据库中获取内容,如下所示
$previlage=mysql_fetch_array($result); //fetch contents from db
if($previlage['user_level'] == "admin"){
header("Location: ../views/admin/dashboard.php"); // if userlevel admin
}elseif($previlage['user_level']=="patient"){
header("Location: ../views/default/home.php"); // if user level is patient
}
做一些改变,它会工作的
$count = mysql_fetch_assoc($result);
而且
if($count==1){//check if found username and password
if($count['user_level'] == "admin"){
header("Location: ../views/admin/dashboard.php");
}elseif($count['user_level']=="patient"){
header("Location: ../views/default/home.php");
}
}
这是我到数据库$conn=mysql\u connect($hostname,$username,$password)或die(“ERROR”.mysql\u ERROR)的连接;$db=mysql\u选择\u db($database)或die(“ERROR”).mysql\u ERROR;我必须把它改成mysqli吗?
if($count==1){//check if found username and password
if($count['user_level'] == "admin"){
header("Location: ../views/admin/dashboard.php");
}elseif($count['user_level']=="patient"){
header("Location: ../views/default/home.php");
}
}