如何定义我的 $_SESSION['amyusername']; 和 $_SESSION['amypassword']; 适当地?
完整代码:
$host = "localhost";
$username = "root";
$password = "";
$db_name = "login";
$tbl_name = "medlemmer";
if ($_POST['amyusername'] && $_POST['amypassword']) {
//Opret forbindelse til Databasen via MySQL.
mysql_connect("$host", "$username", "$password") or die ("Kunne ikke oprette forbindelse til databasen!");
mysql_select_db("$db_name");
$amyusername = mysql_real_escape_string($_POST['amyusername']);
$amypassword = mysql_real_escape_string($_POST['amypassword']);
$amypassword = md5($amypassword);
$sql = "SELECT * FROM $tbl_name WHERE Brugernavn = '$amyusername' AND Password = '$amypassword' ";
$result = mysql_query($sql);
$count = mysql_num_rows($result);
if ($count == 1) {
while($row = mysql_fetch_array($result)) {
if($row["Rank"] == "C") {
$_SESSION['amyusername'];
$_SESSION['amypassword'];
header("Location: admin_success.php");
}
else {
echo "Du er ikke Admin!";
header("refresh: 3, admin.php");
}
}
}
else {
echo "Indtast et gyldig ADMIN login";
header("refresh: 3, admin.php");
}
}
else {
echo "Du skal indtaste et brugernavn og password!";
header("refresh: 3, admin.php");
}
?>
代码定义不正确的地方:
if($row["Rank"] == "C") {
$_SESSION['amyusername'];
$_SESSION['amypassword'];
header("Location: admin_success.php");
}
它只是通过并让所有人进入,无论他们是管理员还是非管理员。我已经尝试了 3 个小时让它工作。可能是因为 $SESSION['amyusername']; 和 $SESSION['amypassword']; 没有正确定义还是什么?我不知道我应该怎么做。