我通过由用户的权限组成的内爆将值添加到user_privilege列 (7gz,agt_courses,newbill,new_Trainee)=>它们中的每一个都是真实的打开(例如:新的页面)或不是用户许可 在数据库中“登录”表的user_privilege列中 换句话说,我想检查用户是否登录了他的许可,如果它已经说出了新的帐单许可,他可以打开新的页面,如果他不能打开这个页面。
数据库中的登录表如下:
**username username2 user_privilege**
amal amal 7gz,agt_courses,newbill
ahmed ahmed dataDisplay,previllige,newUsers
$username = $_POST['username'];
$username2 = $_POST['username2'];
if($username && $username2)
{
$finduser = mysqli_query($link,"SELECT * FROM LOGIN
WHERE username='".$username."' AND username2='".$username2."' AND FIND_IN_SET('Customers', user_previllige)") or die("error");
if(mysqli_num_rows($finduser) !=0)
{
while($row = mysqli_fetch_array($finduser))
{$uname = $row['username'];
$uname2 = $row['username2'];}
}
if($username == $uname && $username2 == $uname2 )
{$_SESSION['sessionname'] =$uname;
$_SESSION['sessionname2'] =$uname2;
header ("location:../customers/cutomer.php");}
else echo '<script>function
{alert(you have not permission to open this page)}</script>';
}
任何身体都在帮助我吗?
答案 0 :(得分:1)
function check($sPermission, $sColumnValue)
{
$aPerm = explode(',', $sColumnValue);
return (!empty($aPerm) && in_array($sPermission, $aPerm));
}
我希望您知道如何从db中选择数据,因此调用将如下所示:
check('newbill', '7gz,agt_courses,newbill');