PHP: if the user is an admin, show certain links; if the user is an admin, show other links
Hello everyone,

I seem to have done something wrong. I'm not a professional, nor a PHP novice; I'm still learning, so I apologize if my question is stupid.

So, I want to display certain links if the user is an admin or a user. When a user is created, they select a checkbox for user or admin, and it is saved to the database as user or admin.

This is my login form code:
<?php session_start(); ?>
<?php
include("connect.php");
include("indexheader.php");
if(isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true){
    header("location: index.php");
    exit;
}
// Define variables and initialize with empty values
$username = $password = "";
$username_err = $password_err = "";
// Processing form data when form is submitted
if($_SERVER["REQUEST_METHOD"] == "POST"){
    // Check if username is empty
    if(empty(trim($_POST["username"]))){
        $username_err = "Please enter username.";
    } else{
        $username = trim($_POST["username"]);
    }
    // Check if password is empty
    if(empty(trim($_POST["password"]))){
        $password_err = "Please enter your password.";
    } else{
        $password = trim($_POST["password"]);
    }
    // Validate credentials
    if(empty($username_err) && empty($password_err)){
        // Prepare a select statement
        $sql = "SELECT user_id, username, password FROM login WHERE username = ?";
        if($stmt = mysqli_prepare($con, $sql)){
            // Bind variables to the prepared statement as parameters
            mysqli_stmt_bind_param($stmt, "s", $param_username);
            // Set parameters
            $param_username = $username;
            // Attempt to execute the prepared statement
            if(mysqli_stmt_execute($stmt)){
                // Store result
                mysqli_stmt_store_result($stmt);
                // Check if username exists, if yes then verify password
                if(mysqli_stmt_num_rows($stmt) == 1){
                    // Bind result variables
                    mysqli_stmt_bind_result($stmt, $id, $username, $hashed_password);
                    if(mysqli_stmt_fetch($stmt)){
                        if(password_verify($password, $hashed_password)){
                            // Password is correct; the session was already started at the top of
                            // the file, so issue a fresh session ID instead of starting it again
                            session_regenerate_id(true);
                            // Store data in session variables
                            $_SESSION["loggedin"] = true;
                            $_SESSION["user_id"] = $id;
                            $_SESSION["username"] = $username;
                            $_SESSION["permissions"] = "Admin";
                            $_SESSION["permissions"] = "User";
                            // Redirect user to welcome page
                            header("location: welcome.php");
                            exit;
                        } else{
                            // Display an error message if password is not valid
                            $password_err = "The password you entered was not valid.";
                        }
                    }
                } else{
                    // Display an error message if username doesn't exist
                    $username_err = "No account found with that username.";
                }
            } else{
                echo "Oops! Something went wrong. Please try again later.";
            }
            // Close statement
            mysqli_stmt_close($stmt);
        }
    }
    // Close connection
    mysqli_close($con);
}
?>
<!DOCTYPE html>
<html>
<head>
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <title>SKC South Africa</title>
    <link rel="stylesheet" type="text/css" href="indexcrud.css">
</head>
<body>
<div class="row">
    <div class="col-md-6 col-md-offset-3">
        <div class="box">
            <h3>Login</h3>
            <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
                <div class="form-group <?php echo (!empty($username_err)) ? 'has-error' : ''; ?>">
                    <label>Username</label>
                    <!-- Escape the submitted username before echoing it back into the attribute -->
                    <input type="text" name="username" class="form-control" value="<?php echo htmlspecialchars($username); ?>">
                    <span class="help-block"><?php echo $username_err; ?></span>
                </div>
                <div class="form-group <?php echo (!empty($password_err)) ? 'has-error' : ''; ?>">
                    <label>Password</label>
                    <input type="password" name="password" class="form-control">
                    <span class="help-block"><?php echo $password_err; ?></span>
                </div>
                <button type="submit" name="submit" class="btn btn-success button">Login</button>
            </form>
        </div>
    </div>
</div>
</body>
</html>
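You first set $_SESSION["permissions"] to Admin, and then on the next line you set that variable to User, which means all users will be set to User. You need to set that variable dynamically, i.e. to what the user is set to in the database.

Thank you very much for your reply. Maybe I need to do more research on sessions, because what you said makes sense for the overwriting part, but I'm not sure about the dynamic-setting part. Maybe I can find a tutorial or something that shows me how this works.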
<?php
// Initialize the session
session_start();
// Check if the user is logged in, if not then redirect him to login page
if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true){
    header("location: index.php");
    exit;
}
?>
<!DOCTYPE html>
<html>
<head>
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <title>SKC South Africa</title>
    <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
    <link rel="stylesheet" type="text/css" href="indexcrud.css">
</head>
<body>
<div class="container">
    <nav class="navbar navbar-default">
        <div class="container-fluid">
            <div class="navbar-header">
                <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar" aria-expanded="false" aria-controls="navbar">
                    <span class="sr-only">Toggle navigation</span>
                    <span class="icon-bar"></span>
                    <span class="icon-bar"></span>
                    <span class="icon-bar"></span>
                </button>
                <a class="navbar-brand" href="index.php">SKC South Africa</a>
            </div>
            <div id="navbar" class="navbar-collapse collapse">
                <form action="" method="POST" enctype="multipart/form-data">
                    <ul class="nav navbar-nav">
                        <li class="active"><a href="welcome.php">Home</a></li>
                        <li><a href='logout.php'>Logout</a></li>
                    </ul>
                </form>
            </div><!--/.nav-collapse -->
        </div><!--/.container-fluid -->
    </nav>
    <h3>Welcome <?php echo htmlspecialchars($_SESSION["username"]); ?>!</h3>
    <p><?php echo ("<div class='alert alert-success'>Successfully logged in!</div>")?></p>
    <br/>
    <?php
    // Compare the stored value itself; isset() only returns true or false
    if(isset($_SESSION["permissions"]) && $_SESSION["permissions"] === "User") //check if user is a user and display buttons
    {
    ?>
        <a href="view.php"><?php echo ("<div class='btn btn-primary' style='text-align: center;'>Click here to View and Add Products!</div>")?></a><br><br>
        <a href="viewfeatured.php"><?php echo ("<div class='btn btn-primary' style='text-align: center;'>Click here to View and Add Featured Products!</div>")?></a><br><br>
    <?php } elseif(isset($_SESSION["permissions"]) && $_SESSION["permissions"] === "Admin") //check if user is an admin and display buttons
    {
    ?>
        <a href="view.php"><?php echo ("<div class='btn btn-primary' style='text-align: center;'>Click here to View and Add Products!</div>")?></a><br><br>
        <a href="viewfeatured.php"><?php echo ("<div class='btn btn-primary' style='text-align: center;'>Click here to View and Add Featured Products!</div>")?></a><br><br>
        <a href="viewuser.php"><?php echo ("<div class='btn btn-primary' style='text-align: center;'>Click here to View and Add Users!</div>")?></a>
    <?php }else{ // if user is not logged in then display these buttons?>
        <li><a href="signin.php">Sign In</a></li>
        <li><a href="signup.php">Sign Up</a></li>
    <?php } ?>
</div>
<br><br><br>
<div class="container">
    <div class="jumbotron">
        <h1>SKC South Africa</h1>
        <h3>Welcome to SKC Content Management Site (CMS)</h3><br>
        <p>With this system you will be able to:</p>
        <ul style="font-size: 12pt;">
            <li>Add new Products, Details, Specifications and Links</li>
            <li>Update Products, Details, Specifications and Links</li>
            <li>Delete Products, Details, Specifications and Links</li><br>
            <li>Add new Featured Products</li>
            <li>Update Featured Products</li>
        </ul><br>
        <p>Live previews can be viewed under the view products tab and is selected per category.</p>
    </div>
</div>
<?php
// Compare the stored value itself; isset() only returns true or false
if(isset($_SESSION["permissions"]) && $_SESSION["permissions"] === "User") //check if user is a user and display buttons
{
?>
    <a href="view.php"><?php echo ("<div class='btn btn-primary' style='text-align: center;'>Click here to View and Add Products!</div>")?></a><br><br>
    <a href="viewfeatured.php"><?php echo ("<div class='btn btn-primary' style='text-align: center;'>Click here to View and Add Featured Products!</div>")?></a><br><br>
<?php } elseif(isset($_SESSION["permissions"]) && $_SESSION["permissions"] === "Admin") //check if user is an admin and display buttons
{
?>
    <a href="view.php"><?php echo ("<div class='btn btn-primary' style='text-align: center;'>Click here to View and Add Products!</div>")?></a><br><br>
    <a href="viewfeatured.php"><?php echo ("<div class='btn btn-primary' style='text-align: center;'>Click here to View and Add Featured Products!</div>")?></a><br><br>
    <a href="viewuser.php"><?php echo ("<div class='btn btn-primary' style='text-align: center;'>Click here to View and Add Users!</div>")?></a>
<?php }else{ // if user is not logged in then display these buttons?>
<?php } ?>
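
One way to set the permission dynamically, as the comment above suggests; this is an added example, not code from the original post. It assumes a hypothetical `permissions` column in the `login` table holding `Admin` or `User`, and the helper names are illustrative. It also enforces the role on the server for admin-only pages, because hiding a link on the welcome page does not block a direct request to `viewuser.php`.

```php
<?php
// Added example. Assumes login.permissions holds 'Admin' or 'User' (hypothetical column).
const ROLE_LINKS = [ // links each role may see, taken from the welcome page
    'User'  => ['view.php', 'viewfeatured.php'],
    'Admin' => ['view.php', 'viewfeatured.php', 'viewuser.php'],
];
// Return the account row if the credentials are valid, otherwise null.
function authenticate(mysqli $con, string $username, string $password): ?array
{
    $sql = "SELECT user_id, username, password, permissions FROM login WHERE username = ?";
    if (!($stmt = mysqli_prepare($con, $sql))) {
        return null;
    }
    mysqli_stmt_bind_param($stmt, "s", $username);
    mysqli_stmt_execute($stmt);
    mysqli_stmt_bind_result($stmt, $id, $name, $hash, $role);
    $found = mysqli_stmt_fetch($stmt);
    mysqli_stmt_close($stmt);
    if ($found !== true || !password_verify($password, $hash)) {
        return null;
    }
    return ['user_id' => $id, 'username' => $name, 'permissions' => (string) $role];
}

// Copy the stored role into the session (session_start() must already have run).
function start_user_session(array $row): void
{
    session_regenerate_id(true); // fresh session ID after login
    $_SESSION["loggedin"] = true;
    $_SESSION["user_id"] = $row['user_id'];
    $_SESSION["username"] = $row['username'];
    $known = array_key_exists($row['permissions'], ROLE_LINKS);
    $_SESSION["permissions"] = $known ? $row['permissions'] : null; // unknown value: no role
}

// Links for the current session; empty for anonymous or unknown roles.
function links_for_session(): array
{
    return ROLE_LINKS[$_SESSION["permissions"] ?? ''] ?? [];
}

// Call at the top of every admin-only page such as viewuser.php.
function require_role(string $role): void
{
    if (($_SESSION["permissions"] ?? null) !== $role) {
        http_response_code(403);
        exit("Forbidden");
    }
}
```

In the login script, `authenticate()` followed by `start_user_session()` would replace the two hard-coded `$_SESSION["permissions"]` assignments, and the welcome page would loop over `links_for_session()` instead of branching on the role.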