我想做一个表,每个用户/组只能看到他们的数据。
所以我让每个用户/组在用户表中都有他们的用户类型编号
+---------+----------+------------------------------------------+----------+
| User_id | username | pwd | usertype |
+---------+----------+------------------------------------------+----------+
例如,如果 usertype 的值为 1,它可以看到具有此查询的表(SELECT * FROM table WHERE usertype = '1')
这是我的 loginsubmit.php 提交和启动 session 的地方
<?php
require_once('php_action/db_connect.php');
session_start();
if(isset($_SESSION['user_id'] ))
{
$message = 'User is already logged in';
}
if(!isset( $_POST['username'], $_POST['pwd']))
{
$message = 'Please enter a valid username and password';
}
else if (strlen( $_POST['username']) > 20 || strlen($_POST['username']) < 4)
{
$message = 'Incorrect Length for Username';
}
else if (strlen( $_POST['pwd']) > 20 || strlen($_POST['pwd']) < 4)
{
$message = 'Incorrect Length for Password';
}
else if (ctype_alnum($_POST['username']) != true)
{
$message = "Username must be alpha numeric";
}
else {
$username = filter_var($_POST['username'], FILTER_SANITIZE_STRING);
$pwd = filter_var($_POST['pwd'], FILTER_SANITIZE_STRING);
$pwd = sha1( $pwd );
try {
$sql = "SELECT User_ID FROM User_Dfn WHERE username = '".$username."' AND pwd = '".$pwd."'";
if($result=mysqli_query($connect,$sql)) {
while($row=mysqli_fetch_assoc($result)) {
$user_id = $row['User_ID'];
$usertype = $row['usertype'];
$_SESSION['user_id'] = $user_id;
$_SESSION['usertype'] = $usertype;
$_SESSION['timeout'] = time();
header("Location: index.php");
}
}
if($user_id == false);
{
$message ='Login Failed';
}
} catch(Exception $e) { $message = 'Unable to process request'; }
}
?>
这里是一个 片段 的 php 文件,它在其中检索数据。
<?php
require_once 'db_connect.php';
$usertype= $_SESSION['usertype'];
$output = array('data' => array());
$sql = "SELECT * FROM Service WHERE user_id = '$usertype'";
$query = $connect->query($sql);
好吧,我希望你能理解我想解释的内容,这对我来说有点复杂..
它只是不将用户类型加载到 sqlquery 中。我觉得我做错了什么
请帮忙
谢谢
最佳答案
你没有在检索文件中调用session_start();
关于php - 通过 session 获取登录用户的详细信息,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/40988409/