3

I want to show different content if a user is admin(2), or noarmal user(1). Login works fine, but i don't know hot to check if a user have 'usertype' 1 or 2? I want to use PHP $_SESSION.

This is my login form:

<!-- Log in -->
<form method="post" action="authentication.php">
  <input type="text" name="userid" placeholder="E-mail" required/>
  <input type="password" name="password" placeholder="Password" required/><br>
  <button type="submit" name="submit" class="btn">Log in</button>
</form>

This is my authentication.php:

session_start();
if(isset($_POST['userid']) && isset($_POST['password'])){
$userid     = $_POST['userid'];
$password   = $_POST['password'];

$dbc        = mysqli_connect('localhost', 'root', '', 'news');
if(!$dbc){
echo "Cannot connect to database";
exit;
}

$query      = "SELECT * FROM users_tbl WHERE email = '$userid' AND password = sha1('$password')";
$result     = $dbc->query($query);
if($result->num_rows)
{
$_SESSION['valid_user'] = $userid;
}
$dbc->close();
}
if(isset($_SESSION['valid_user'])){
header("location:prefs.php");
}else{
header("location:login.php");
echo 'Error';
}

This is what i have tried:

    <?php 

    mysql_connect('localhost', 'root', '');
    mysql_select_db('news');

    $sql = "SELECT users_tbl.usertype FROM users_tbl";
    $result = mysql_query($sql); 
    $user = mysql_fetch_array($result);
    $_SESSION['user'] = $user['user']; 
    $_SESSION['usertype'] = $user['usertype'];        

    if($_SESSION['user']['usertype'] == 2)
    {?>
    <h1>Only admin stuff</h1>

    <$? }//Endif user is admin(2) ?>

Maybe instead of doing the query for everytime to check if a user is admin, i could save a $_SESSION['usertype'], and then use this to check if a user is 2, for admin, maybe when a user is loggin in? But i do not know how to do this. I'm quite new at this.

4

4 回答 4

3

尝试这个

   if($_SESSION['usertype'] == 2)
{
   //do stuff here 
}
 if ($_SESSION['usertype']) == 1)

 {
 //do stuff here 
 }

编辑:如果您不想写这么多东西,而只想在其中一个用户中包含管理内容,请执行此操作

  if ($_SESSION['usertype']) == 1 or $_SESSION['usertype']) == 2)

   {
              //do stuff here for them both admin and users
         if($_SESSION['usertype'] == 2 ) 
                                   {
                                  //do extra stuff here for only admin 
                                    }
   }
于 2012-12-18T12:34:49.530 回答
2

我意识到这是一个老问题,但是我上周一直在网上搜索这个问题的答案,因为我遇到了类似的问题。“echo_Me”有答案,但我看到一些不正确的语法。在本地服务器上玩弄它之后,这就是我所做的。

if($_SESSION['usertype']) == 1 or $_SESSION['usertype']) ==2)
//> start           end <                          end <    < end
 {
    //do stuff here for them both admin and users
    if($_SESSION['usertype'] == 2)
     {
      //Do other stuff for usertype 2
     }
  }

你有更多的结束括号然后你开始了。当我为我的网站运行登录脚本时,我设置了我需要的所有会话变量。因此,如果我需要一个会话变量,我将如何处理它:

if($_SESSION['user']['usertype'] == 1 OR $_SESSION['user']['usertype'] == 2) { ?>
// Do Stuff for normal user and admin
    <?php } if($_SESSION['user']['usertype'] == 2) { ?>
      // DO Stuff for admin only
    <?php } ?>

如您所见,第一个 if 语句只有一组括号。实际上,您可以删除一些 php 代码,然后只执行常规的 html/css 标记,然后为 2 的用户类型执行 if 语句以供管理员使用。

<!-- HTML Markup for both Admin and Regular Users Goes Here above if statement -->
<?php if($_SESSION['user']['usertype'] == 2 { ?>
  // Markup for Admin only
<?php } ?>

另外,我建议不要在会话变量中设置密码。在那个代码中,你可能没有这样做,我只是不熟悉 mysqli,因为我使用 PDO。

于 2015-06-15T06:01:18.977 回答
0

尝试将具有用户类型的列添加到该表。从表中获取数据时检查该列的值。如果值为admin,则显示文本,否则不显示。

于 2012-12-18T12:44:25.980 回答
0

您可以使用会话变量保存您的用户类型

登录后,您需要使用用户类型 1 或 2 检查 db,并将该变量与会话变量(如 $_SESSION['user_type'])一起存储。

因此,您可以在此基础上进行跟踪。

于 2012-12-18T12:35:39.213 回答