Php 仅可由登录的用户访问页面
我正在尝试使我的admin.php页面仅可供登录的人访问,因此,当您未登录时,您将被发送到index.php。我尝试了一些带有if语句的东西,但它似乎对我不起作用 loginHTML.htmlPhp 仅可由登录的用户访问页面,php,mysql,pdo,mysqli,Php,Mysql,Pdo,Mysqli,我正在尝试使我的admin.php页面仅可供登录的人访问,因此,当您未登录时,您将被发送到index.php。我尝试了一些带有if语句的东西,但它似乎对我不起作用 loginHTML.html <form method="POST" action="verification.php" class="loginFields"> <input type="text" name="username" placeholder="Username" autofocus> <i
<form method="POST" action="verification.php" class="loginFields">
<input type="text" name="username" placeholder="Username" autofocus>
<input type="password" name="password" placeholder="Password">
<input type="submit" name="submit" value="Inloggen">
</form>
verification.php
// Start new DOMDocument and load html file.
$dom = new DOMDocument();
libxml_use_internal_errors(true);
$dom->loadHTMLFile("loginHTML.html");
libxml_use_internal_errors(false);
// Haal verification.php op om gegevens te checken.
include_once('verification.php');
if(isset($_POST['submit'])){
$username = $_POST['username'];
$password = $_POST['password'];
$object = new user();
$object->login($username, $password);
}
// Save DOMDocument with html document.
echo $dom->saveHTML();
// Include connection.php om connectie te maken te de database.
include_once('inc/connection.php');
include_once('login.php');
class user{
private $db;
public function __construct(){
$this->db = new connection();
$this->db = $this->db->dbconnect();
}
public function login($username, $password){
$this->db = new Connection();
$this->db = $this->db->dbConnect();
// Als $username en $password gevuld zijn checken op overeenkomst
if(!empty($username) && !empty($password)){
$st = $this->db->prepare("SELECT * FROM users WHERE username=? AND password=?");
$st->bindParam(1, $username);
$st->bindParam(2, $password);
$st->execute();
$result=$st->fetch(PDO::FETCH_ASSOC);
$id=$result['id'];
// Als er een overeenkomst is doorsturen naar admin.php en session aanmaken
if($st->rowCount() == 1) {
$_SESSION['id'] = $result['id'];
$_SESSION['ingelogt'] = $username;
header('location: admin.php');
exit;
} else {
echo "Incorrect username or password";
}
// Als er niks is ingevoerd bij het inlogscherm
} else {
echo "Please enter your username and password";
}
}
}
session_start();
// If session is not ingelogt lead back to index.php.
if(!isset($_SESSION['id'])) {
header("location: index.php");
die();
}
admin.php
// Start new DOMDocument and load html file.
$dom = new DOMDocument();
libxml_use_internal_errors(true);
$dom->loadHTMLFile("loginHTML.html");
libxml_use_internal_errors(false);
// Haal verification.php op om gegevens te checken.
include_once('verification.php');
if(isset($_POST['submit'])){
$username = $_POST['username'];
$password = $_POST['password'];
$object = new user();
$object->login($username, $password);
}
// Save DOMDocument with html document.
echo $dom->saveHTML();
// Include connection.php om connectie te maken te de database.
include_once('inc/connection.php');
include_once('login.php');
class user{
private $db;
public function __construct(){
$this->db = new connection();
$this->db = $this->db->dbconnect();
}
public function login($username, $password){
$this->db = new Connection();
$this->db = $this->db->dbConnect();
// Als $username en $password gevuld zijn checken op overeenkomst
if(!empty($username) && !empty($password)){
$st = $this->db->prepare("SELECT * FROM users WHERE username=? AND password=?");
$st->bindParam(1, $username);
$st->bindParam(2, $password);
$st->execute();
$result=$st->fetch(PDO::FETCH_ASSOC);
$id=$result['id'];
// Als er een overeenkomst is doorsturen naar admin.php en session aanmaken
if($st->rowCount() == 1) {
$_SESSION['id'] = $result['id'];
$_SESSION['ingelogt'] = $username;
header('location: admin.php');
exit;
} else {
echo "Incorrect username or password";
}
// Als er niks is ingevoerd bij het inlogscherm
} else {
echo "Please enter your username and password";
}
}
}
session_start();
// If session is not ingelogt lead back to index.php.
if(!isset($_SESSION['id'])) {
header("location: index.php");
die();
}
不要使用
SELECT*
,而是指定列SELECT id
//...
$st->execute();
$row = $st->fetch();
$id = $row['id'];
您已使用
*
从用户中成功选择了所有。现在你所要做的就是去拿
$users=$stmt->fetchObject()
现在只需echo
以下内容:$users->data
示例:
echo$users->id
echo$users->username
或
如果你只是想要一个ID,你实际上应该只选择这样的ID:
选择ID
,而不是全部(*
)。我知道那页,我已经查过了,但似乎找不到合适的。。请帮帮忙@decezeafter$st->execute()代码>->$result=$st->fetch(PDO::fetch_ASSOC)$id=$result['id']
另外,请使用两个单独的查询-选择用户名并获取其id。然后选择密码作为用户id。@meda非常感谢:P完成了任务!