我正在设计一个网站,它有四个模块管理员,分行管理员,记者,会计师,每个人都可以登录到各自的页面,例如管理员将登录到管理页面,记者将登录到其页面,但是代码不工作。 当我尝试登录任何模块时,它仅登录到管理页面,并且会转到分支管理员或记者或会计师。
这是我的index.php页面
<?php
include('login.php'); // Includes Login Script
if(isset($_SESSION['login_user']))
{
header("Location: admin.php");
}
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>LoginIN</title>
<link href="styles/bootstrap.min.css" rel="stylesheet">
<link href="styles/signin.css" rel="stylesheet">
</head>
<body>
<div id="wrapper">
<header id="top">
<center><h1>Reporter Management System</h1></center>
<div class="container">
<form class="form-signin" role="form" action ="" method="post">
<h2 class="form-signin-heading">Please sign in</h2>
<input type="email" name="username" class="form-control" placeholder="Email address" required autofocus>
<input type="password" name="password" class="form-control" placeholder="Password" required>
<br>
<div class="checkbox">
<label>
<input type="checkbox" value="remember-me">Remember me
<br>
</label>
</div>
<input name="submit"button class="btn btn-lg btn-primary btn-block" type="submit" value=" Sign in">
<span><?php echo $error; ?></span>
<br>
<a href="">Forgot your password?</a>
</body>
</html>
这是我的login.php页面
<?php
error_reporting( E_ALL );
ini_set('display_errors',1);
ini_set('display_startup_errors',1);
error_reporting(-1);
session_start(); // Starting Session
$error=''; // Variable To Store Error Message
if (isset($_POST['submit'])) {
if (empty($_POST['username']) || empty($_POST['password'])) {
$error = "Username or Password is invalid";
}
else
{
// Define $username and $password
$usr=$_POST['username'];
$pwd=$_POST['password'];
// Establishing Connection with Server by passing server_name, user_id and password as a parameter
$con = mysql_connect("localhost", "root1", "oec@123") or die('Error Connecting to mysql server');
// To protect MySQL injection for Security purpose
$username = stripslashes($usr);
$password = stripslashes($pwd);
$username = mysql_real_escape_string($usr);
$password = mysql_real_escape_string($pwd);
// Selecting Database
$db=mysql_select_db('rms',$con);
// SQL query to fetch information of registerd users and finds user match.
$query = mysql_query("select username, password from login where password='$pwd' AND username='$usr'", $con) or die('Error querying database');
$rows = mysql_num_rows($query);
while ($rows = mysql_fetch_array($query)) {
$_SESSION['Sl_no']=$rows['Sl_no'];
if ($rows ==1)
{
// Initializing Session
header("location: admin.php"); // Redirecting To Other Page
}
elseif ($rows==2)
{
header("location: branchadmin.php");
}
elseif($rows==3)
{
header("location: accountant.php");
}
elseif($rows==4)
{
header("location: reporter.php");
}
else
{
$error = "Username or Password is invalid";
}
}
mysql_close($con); // Closing Connection
}
}
?>
最佳答案
我认为问题在于您在该区域的检索和条件语句
while ($rows = mysql_fetch_array($query)) {
$_SESSION['Sl_no']=$rows['Sl_no'];
if ($rows ==1)
{
由于登录页面每次都会重定向到 admin.php,这可能是因为您将返回的行数放入 $rows
变量中,例如 $rows = mysql_num_rows( $query);
如果它返回一行,这将满足您的 if ($rows ==1){header("location: admin.php");}
条件稍后检查...
只是一个有根据的(和/或没有受过教育的)猜测。
为什么不在数据库中放置一列来指示用户的访问级别。例如 user_level
或 admin = 1、branchadmin = 2、accountant = 3 等,然后进行检查并据此进行重定向。
因此,当您检查表单中的用户名和密码是否在数据库中时,如果是,那么您可以查看他们的用户级别,以了解将它们重定向到哪里。
if ($rows === 1){
$row_array = mysql_fetch_assoc($query);
if ($row_array['admin_level'] == 1){
header("location: admin.php"); // Redirecting To Other Page
}
elseif ($row_array['admin_level']==2){
header("location: branchadmin.php");
}
elseif($row_array['admin_level']==3){
header("location: accountant.php");
}
elseif($row_array['admin_level']==4){
header("location: reporter.php");
}
else{
$error = "Username or Password is invalid";
}
}
mysql_close($con); // Closing Connection
这有意义还是我误解了您想要实现的目标?
关于php - php多用户登录,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/29241022/