2

大家好,我是php的新手。我制作了一个登录脚本,在页面加载时不会显示任何错误。它登录并重定向到个人资料页面,但标题栏不会根据用户级别更改我检查了根据我观看的教程进行的更改,但没有成功。

这是我的代码。

连接到数据库:

<?php
//error_reporting(0);
session_start();?>
<?php
$con = new mysqli('localhost', 'root', '', 'tl');
if($con->connect_errno > 0){
    die('Sorry, We\'re experiencing some connection problems.');
}
?>

功能:

<?php
    function loggedin(){
        if(isset($_SESSION['user_id'])){
            return true;
        }else{
            return false;
        }
    }
?>

标题栏:

    <div>
    <?php
        if(loggedin()==true){
            $user_id=$_SESSION['user_id'];
            $log=$con->prepare("SELECT username,user_level FROM users WHERE user_id='$user_id'");
            $log->execute;
            $log->bind_result($username, $user_level,$user_id);
            $log->store_result;
            if($log->fetch()) //fetching the contents of the row
            {
                if($user_level=='a'){?>
                    <a href = 'index.php'>Home</a>
                    <a href = 'profile.php'>Profile</a>
                    <a href = 'admin.php'>Admin</a>
                    <a href = 'index.php'>Log Out</a>
                <?php
                }if($user_level=='m'){?>
                    <a href = 'index.php'>Home</a>
                    <a href = 'profile.php'>Profile</a>
                    <a href = 'index.php'>Log Out</a>
                <?php
                }
            }?>
        <?php
        }?><a href = 'index.php'>Home</a>
                    <a href = 'login.php'>Login</a>
                    <a href = 'register.php'>Register</a>
        <?php}
    ?>

</div>

索引页:

<html>
<head>
<title>LOGIN</title>
</head>
<body>
<?php include 'connect.php';?>
<?php include 'functions.php';?>
<?php include 'titlebar.php';?>
Index

</body>
</html>

登录页面:

<html>
<head>
<title>LOGIN</title>
</head>
<body>
<?php include 'connect.php';?>
<?php include 'functions.php';?>
<?php include 'titlebar.php';?>

<h3>LOGIN HERE:</h3>
<form action ="" method="post">

User Name:<br/>
<input type='text' name='username' />
<br/><br/>
Password:<br/>
<input type='password' name='password' />
<br/><br/>
<input type='submit' name='submit' value='login'>
</form>
<?php

if(isset($_POST['submit'])){
    $username = $_POST['username'];
    $password = md5($_POST['password']);


    $stmt = $con->prepare("SELECT user_id, username, password, status FROM users WHERE username=? AND password=? LIMIT 1");
    $stmt->bind_param('ss', $username, $password);
    $stmt->execute();
    $stmt->bind_result($user_id, $username, $password, $status);
    $stmt->store_result();
    if($stmt->num_rows == 1)  //To check if the row exists
        {
            if($stmt->fetch()) //fetching the contents of the row
            {
               if ($status == 'd') {
                   echo "YOUR account has been DEACTIVATED.";
                   exit();
               } 
               if ($status == 'b') {
                   echo "YOUR account has been BANNED.";
                   exit();
               } 
               if ($status == 'n') {
                   echo "YOUR account has NOT YET BEEN ACTIVATED.";
                   exit();
               } 
               else {
                   $_SESSION['loggedin'] = 1;
                   $_SESSION['user_id'] = $user_id;
                   $_SESSION['username'] = $username;
                    header('Location: index.php');
                    exit();
               }
           }

    }
    else {
        echo "INVALID USERNAME/PASSWORD Combination!";
    }
    $stmt->close();
}
else 
{   

}
$con->close();

?>
</body>
</html>

个人资料页:

<html>
<head>
<title>PROFILE</title>
</head>
<body>
<?php include 'connect.php';?>
<?php include 'functions.php';?>
<?php include 'titlebar.php';?>
PROFILE</br>
<?php
if (isset($_SESSION['loggedin']) && $_SESSION['loggedin'] == true) {
    echo "Welcome to the member's area, " . $_SESSION['username'] . "!";
} else {
    echo "Please log in first to see this page.";
}
?>
</body>
</html>

登出:

 <?php
 include 'connect.php';
 include 'functions.php';
 session_destroy();
 header('location: index.php');
 ?>

有什么我应该改变来完成这项工作的吗?登录后标题栏不会更改为管理员或会员菜单。任何帮助将不胜感激。

谢谢你。

4

2 回答 2

0

@Musa 确定了第一个问题 -

'session_start()';

应该

session_start(); // without quotes

基于您评论中的Notice/ Warning
改变 -

$log=$con->prepare("SELECT username,user_level FROM users WHERE user_id='$user_id'");
$log->execute;
$log->bind_result($username, $user_level,$user_id);
$log->store_result;

to(注意根据http://www.php.net/manual/en/mysqli-stmt.store-result.php#99159store_result()需要在之前bind_result())-

$log=$con->prepare("SELECT username,user_level, user_id FROM users WHERE user_id='$user_id'"); // have 3 bind_result, but query only had 2
$log->execute(); // missing ()
$log->store_result(); // missing ()
$log->bind_result($username, $user_level,$user_id); // have 3 bind_result, but query only had 2

此外,由于您使用的是prepare(),因此您应该在 sql 语句中使用参数标记,即。:user_id

$log=$con->prepare("SELECT username,user_level, user_id FROM users WHERE user_id=:user_id"); // have 3 bind_result, but query only had 2
$log->execute(array(:user_id=>$user_id)); // missing ()
$log->store_result(); // missing ()
$log->bind_result($username, $user_level,$user_id); // have 3 bind_result, but query only had 2

编辑
以解决您的菜单问题。您缺少else{最后一个菜单组之前的

 } else { ?><a href = 'index.php'>Home</a>
   ^^^^^^
                <a href = 'login.php'>Login</a>
                <a href = 'register.php'>Register</a>
 <?php } // also put a space between the opening tag and the curly bracket.
于 2013-07-06T02:53:31.877 回答
0

除了@Sean 所说的缺少()之外,我不明白为什么你有session_start()单引号。尝试这个:

if ( !isset($_SESSION) ) session_start();

如果由于某种原因会话已经启动并且您调用了,session_start()那么它将生成关于会话已经开始并且session_start()被忽略的警告。该警告可能不会打扰您,但要完全消除它,请执行上面的 if 语句。

如果您只想为已登录的人启动会话:

// At the top of the pages.
if ( !isset($_SESSION) && isset($_COOKIE[session_name()]) ) session_start();

// After the if ( isset($_POST) ) on the login screen
if ( !isset($_SESSION) ) session_start();
于 2013-07-06T03:01:25.393 回答