-3

我有这个代码,它必须过滤管理员的权限,我什至做了仔细检查。但这似乎不起作用。

代码 : 

<?php
    include("db.php");
    $result=mysql_query("SELECT * FROM members where admin='true' AND admincheck='1'");
    while($test = mysql_fetch_array($result)) {
        echo"<li><a href='archief.php'><span>archief</span></a></li>";
    }
    mysql_close($conn);
?>

数据库: 

CREATE TABLE `members` (
`member_id` int(11) unsigned NOT NULL,
`admin` varchar(5) NOT NULL default 'false',
`admincheck` int(1) NOT NULL default '0',
`firstname` varchar(100) default NULL,
`lastname` varchar(100) default NULL,
`mail` varchar(150) NOT NULL,
`login` varchar(100) NOT NULL default '',
`passwd` varchar(32) NOT NULL default '',
PRIMARY KEY  (`member_id`)
) ENGINE=MyISAM  DEFAULT CHARSET=latin1;


INSERT INTO `members` (`member_id`, `admin`, `admincheck`, `firstname`, `lastname`,   `mail`, `login`, `passwd`) VALUES 
(607, 'true', 1, '---', '----', '---', '---', '---'),
4

1 回答 1

1

您需要将当前登录的会员ID放入查询中,因此假设您将登录的用户存储在会话中:

$member_id = (int)$_SESSION['member_id'];
$result=mysql_query("SELECT * FROM members where member_id = '$member_id' AND admin='true' AND admincheck='1' LIMIT 1");

if($result && mysql_num_rows($result) == 1)
{
    // user is an admin, show secret links
    echo "<li><a href='archief.php'><span>archief</span></a></li>";
}
于 2012-12-04T11:58:56.297 回答