我对 php 相当陌生,我正在尝试做我的学校作业,但老师只是说“谷歌它”,我真的找不到适合我的答案。
这是我的login.php(请原谅其中的瑞典语注释,这些是给我老师的)
<?php //Start the Session
session_start();
require('connect.php');
//3. If the form is submitted or not.
//3.1 If the form is submitted
if (isset($_POST['username']) and isset($_POST['password'])){
//Sätter form värderna i variabler
$username = $_POST['username'];
$password = $_POST['password'];
//Kollar om variblerna redan finns i databasen
$query = "SELECT * FROM `user` WHERE username='$username' and password='$password'";
$result = mysql_query($query) or die(mysql_error());
$count = mysql_num_rows($result);
//Kollar om bägge värdena är likadana i databasen och sedan skapar sessionen om de är det.
if ($count == 1){
$_SESSION['loggedin'] = 1;
$_SESSION['username'] = $username;
}else{
//3.1.3 Om värdena inte stämmer kommer ett fel medelande att skickas till användaren.
echo "Invalid Login Credentials.";
}
}
//Om han loggar in så skickas han vidare till protected.php
if ($_SESSION['loggedin'] == 1) {
header('Location: protected.php');
}else{
?>
这是您登录后访问的页面( protected 页面)
<?php
session_start();
require('connect.php');
// startar sessionen så att man kan använda session variablerna
// Inkluderar connect.php för att ansluta till databasen
if ($_SESSION['loggedin'] != 1) {
//Om loggedin är inte lika med 1 skickas han till första login sidan
header('Location: index.php');
exit;
}
?>
<html>
<head><title>Logged in!</title></head>
<body>ASDSDFSDF<br><a href="logout.php">Log out</a><br>
<?php
$sql = "SELECT admin FROM `user` WHERE username='$_SESSION['username']'";
$result = mysql_query($sql);
$admin = mysql_fetch_array($result);
$_SESSION['admin'] = $admin['admin'];
if ($_SESSION['admin']) == 1 {
echo "You are an Admin!";
}else{
echo "You are a normal user";
}
?>
</body>
</html>
我不明白这段代码为什么不起作用。 :/
<?php
$sql = "SELECT admin FROM `user` WHERE username='$_SESSION['username']'";
$result = mysql_query($sql);
$admin = mysql_fetch_array($result);
$_SESSION['admin'] = $admin['admin'];
if ($_SESSION['admin']) == 1 {
echo "You are an Admin!";
}else{
echo "You are a normal user";
}
最佳答案
请再次检查此代码:
$sql = "SELECT admin FROM `user` WHERE username='$_SESSION['username']'";
这里可能有两个错误:
- 您不能在“”中插入 $_SESSION;
- 引用时,“$_SESSION['username']”应更改为“$_SESSION[username]”;
回顾一下,您可以使用以下方式:
$sql = "SELECT admin FROM `user` WHERE username='".$_SESSION['username']."'";
通过这种方式,您可以保留带有引号的原始 SQL 方法:
WHERE username='xxx'
关于php - 在 PHP 中检查用户是否是管理员,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/30185045/