) 我正在开发一个有3个用户(管理员,教师和学生)的登录系统,所有这些用户都有自己的功能和界面。我希望所有这些用户一起一次登录,如果可能的话,我不确定。
我的数据库中有一行角色('管理员','老师','学生')我想根据“角色”直接登录,所以管理员将重定向到管理员主页,老师到老师主页和学生到学生主页。管理员页面只能由教师管理员查看教师页面,学生页面只能由学生查看。你可能得到我的意思。
问题:: 如何进行登录以便检查是否是管理员/教师/学生?当他们登录时,我如何才能使该用户的特定主页仅由该类型的用户启用?
<?php
session_start();
$mysqli=new MySQLi("localhost", "root", "", "hws");
$role="";
$username=filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING);
$password=filter_input(INPUT_POST, 'password', FILTER_SANITIZE_STRING);
if($query=$mysqli->prepare("SELECT `role` FROM members WHERE username=? AND password=?"))
{
$query->bind_param("ss", $username, $password);
$query->execute();
$query->bind_result($role);
$query->fetch();
}
else
{
echo "Errors in the Query. ".$mysqli->error;
die();
}
if($role!="")
{
$_SESSION['ingelogt']=$username;
$_SESSION['user_role']=$role;
$location="$role.php"; // If role is admin this will be admin.php, if student this will be student.php and more.
header("location: $location"); // Redirect to the respective pages.
}
else
{
echo "Invalid password, username combination";
}
?>
和用户页面的示例
<?php
session_start()
if(!isset($_SESSION['ingelogt']))
{
header("location: index.php"); // The user is not logged in. Redirect him to the login page.
}
$page_role="leerling"; // This must be admin for admin.php and student for student.php and similar
$role=$_SESSION['user_role'];
if($role!=$page_role) // If student come to admin page by mistake or admin to student and similar
{
echo "You are not supposed to be here.";
die();
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Home</title>
<link rel="stylesheet" href="css/style.css">
<link rel="stylesheet" href="css/fontello.css">
</head>
<body>
<div class="siteContainer">
<div class="navLeft">
<a href="overzicht.php">
<img src="../../img/logo.png" alt="HWSysteem" class="mainLogo">
</a>
</div>
</div>
</body>
</html>
答案 0 :(得分:1)
由于我对准备好的陈述感到满意,所以我在这里使用它。这是一个符合您要求的简单逻辑示例。
<?php
session_start();
$mysqli=new MySQLi("localhost", "USER_NAME_HERE", "PASSWORD_HERE");
$role="";
$username=filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING);
$password=filter_input(INPUT_POST, 'password', FILTER_SANITIZE_STRING);
if($query=$mysqli->prepare("SELECT `role` FROM members WHERE username=? AND password=?"))
{
$query->bind_param("ss", $username, $password);
$query->execute();
$query->bind_result($role);
$query->fetch();
}
else
{
echo "Errors in the Query. ".$mysqli->error;
die();
}
if($role!="")
{
$_SESSION['ingelogt']=$username;
$_SESSION['user_role']=$role;
$location="$role.php"; // If role is admin this will be admin.php, if student this will be student.php and more.
header("location: $location"); // Redirect to the respective pages.
}
else
{
echo "Invalid password, username combination";
}
?>
And in your admin.php, student.php
<?php
if(!isset($_SESSION['ingelogt']))
{
header("location: login.php"); // The user is not logged in. Redirect him to the login page.
}
$page_role="admin"; // This must be admin for admin.php and student for student.php and similar
$role=$_SESSION['user_role'];
if($role!=$page_role) // If student come to admin page by mistake or admin to student and similar
{
echo "You are not supposed to be here.";
die();
}
?>