为用户和管理员创建登录

时间:2015-11-21 12:13:13

标签: php sql pdo

我已设法为用户创建登录但是现在尝试实施管理员登录任何帮助都会受到赞赏,到目前为止我有:

        $query = "
        SELECT
            id,
            username,
            password,
            salt,
            email,
    firstname,
    admin
        FROM users
        WHERE
            username = :username 
    ";


    $query_params = array(
        ':username' => $_POST['username']
    );

    try
    {

        $stmt = $db->prepare($query);
        $result = $stmt->execute($query_params);

    }
    catch(PDOException $ex)
    {
    $ex->getMessage().

        die("Failed to run query: " . $ex->getMessage());
    }

    $login_ok = false;
    $row = $stmt->fetch();
    if($row)
    {

        $check_password = hash('sha256', $_POST['password'] .  
        $row['salt']);
        for($round = 0; $round < 65536; $round++)
        {
            $check_password = hash('sha256', $check_password .  
            $row['salt']);
        }

        if($check_password === $row['password'])
        {

            $login_ok = true;
        }
    }



    if($login_ok)
    {
        unset($row['salt']);
        unset($row['password']);



    $_SESSION['user'] = $row;
    $_SESSION['admin'] = $admin;




        header("Location: private.php");
        die("Redirecting to: private.php");
    }

    $admin = $row["admin"]==1;

    if($admin){
    header("Location: memberlist.php");
    }

    if(!$admin){
    header("Location: private.php");
    }



    else
    {
        // Tell the user they failed
        print("Login Failed.");

在我的数据库中,我将admin字段设置为boolean defualt值为1。

1 个答案:

答案 0 :(得分:0)

我使用默认值admin更改了字段类型并添加了if语句,现在我有一个管理员用户和一个普通用户,并且页面根据用户级别重定向。 

     if($_SESSION['user']['type'] == 'admin') { header("location:  
     memberlist.php");  }

 else
     header("Location: private.php");
     die("Redirecting to: private.php");
    }
相关问题
最新问题