0

我正在尝试创建两个单独的会话——一个用于用户是管理员,另一个用于用户是作者。$type 存储类型为枚举(可以是作者或管理员)。但是,我没有为我的会话获得唯一的会话 ID。我是 PHP 和 MySQL 的新手。有人可以告诉我代码中的错误在哪里。请帮忙

    <?php
      session_start();
    ?>


    <?php
    include("dbconnect.php");
    $con= new dbconnect();
    $con->connect();
    //create and issue the query
    $sql = "SELECT type FROM users WHERE username = '".$_POST["username"]."' AND password = PASSWORD('".$_POST["password"]."')";

    $result = mysql_query($sql);

    //get the number of rows in the result set; should be 1 if a match
    if (mysql_num_rows($result) == 1) {
       $type_num=0;
        //if authorized, get the values
          while ($info = mysql_fetch_array($result)) {
        $type =$info['type'];
        }

         if($type == "admin")
            {
             $_SESSION['type']=1;
             $u = 'welcome.php';
             header('Location: '.$u);  
            }
           else
            {
              $_SESSION['type']=$type_num;
              $u = 'welcome.php';
              header('Location: '.$u);


            }
        } 
          else {
            //redirect back to loginfailed.html form if not in the table
            header("Location: loginfailed.html");
            exit;
            }
            ?>

Welcome.php 如下:

<?php
  session_start();
?>

<html>
<body>
<h2>Welcome to SOD73.</h2>
<?
if($_SESSION['type']==1){
     echo "You are of the usertype Admin and your session id is ";
     echo session_id();
     session_destroy();
}
else {
echo "You are of the usertype Author and your session id is ";
echo session_id();
session_destroy();

}
?>

</body>
</html>
4

1 回答 1

1

您必须在文件中调用session_destroy( ) 之前使用 session_regenerate_id()welcome.php

于 2012-07-02T06:45:59.520 回答