1

假设我在 SQL 数据库中有两个用户。在表列中,authority一列是Administrator,另一列是user

我的问题是,如果我以管理员身份登录,在表单刷新之前,会回显$_SESSION['Authentication']“管理员”,但在表单刷新后 $_SESSION['Authentication']` 会回显为“用户”。

我的代码哪里出了问题,导致表单刷新后$_SESSION['Authentication'] = 'user'应该出现在哪里?$_SESSION['Authentication'] = 'Administrator'

代码 :

Session started at the beginning.... 
then this follows.

<?php

include ("connect_db/index.php"); 
if(isset($_SESSION['loggedUser']))
    {
    echo "<form action='signoff/index.php'><div id='four'>Welcome&nbsp". $_SESSION['loggedUser']."&nbsp;! &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
    <input type='submit' name='soff' id='soff' class='sout' value='Sign off'></div></form>";
    echo "You are the : ".$_SESSION['Authentication']." of the site.";
    }
else
    { 
    ?><div id='one'><?php
        echo "
        <div id='u2'>
                <form name='form1' method='post' action='''>
                  <table border='1' style='width:520px; bordercolor:#FFFFFF;'>
                    <tr>
                      <td style='width:30px;'>User&nbsp;Name:&nbsp;&nbsp;</td>
                      <td style='width:80px;'><label for='textfield'></label>
                        <input type='text' maxlength='12' name='UnameZoom' id='UnameZoom' class='txss'></td>
                      <td style='width:30px;'>&nbsp;Password:&nbsp;&nbsp;</td>
                      <td style='width:80px;'><label for='txss'></label>
                        <input type='password' maxlength='12' name='PwordZoom' id='PwordZoom' class='txss'></td>
                      <td>&nbsp;<input type='submit' name='loggedUser' id='loggedUser' class='mylog' value='Login'></td>
                    </tr>
                  </table>
                </form>
                <p>&nbsp;</p>
                <p>&nbsp;</p>

        </div>";    
    ?></div><?php

    if(isset($_POST['loggedUser']))
        {
            ?><div id='two'><?php
            $un = $_POST['UnameZoom'];
            $pw = $_POST['PwordZoom'];

            if($un=='' || $pw == '')
            {echo "<div id='three'>Empty Fields</div>";} 
            else {

                    $SQL = "SELECT pword FROM users WHERE username='$un'";
                    $resultA = mysqli_query($db,$SQL) or die ("SQL Error!!!");
                    $row = mysqli_fetch_array($resultA);

                    if($pw == $row['pword'])
                    {
                        $resultB = mysqli_query($db,"SELECT fname AS Lna FROM users WHERE username='$un'"); 
                        $rowB = mysqli_fetch_assoc($resultB); 
                        //$sum = $rowB['Lna'];
                        $_SESSION['loggedUser'] = $rowB['Lna'];

                        $resultC = mysqli_query($db,"SELECT authority AS Auth FROM users WHERE username='$un'"); 
                        $rowC = mysqli_fetch_assoc($resultC); 
                        unset($_SESSION['Authentication']);
                        $_SESSION['Authentication'] = $rowC['Auth'];


                        header("refresh:3;");
                        //echo "<div id='four'>Welcome&nbsp". $_SESSION['loggedUser']."&nbsp!</div>";

                    }
                    else
                    {
                    echo "<div id='three'>No user found</div>";
                    }
                }   
                ?></div><?php
        }   
    }
?>

// 这是我试图回显的地方

 <div id="contentLog">
   <?php
if(isset($_SESSION['Authentication']))
   {echo $_SESSION['Authentication'];}
    ?>

4

2 回答 2

0

请使用这个条件

if($_POST['loggedUser'] != "")
{

}
于 2013-09-07T17:04:44.297 回答
0

header("refresh:3;");让我怀疑。可能是相关的。session_write_close()打电话前加header()?回session_id()显以查看刷新是否创建了新的空白会话,或者您是否有逻辑错误。

于 2013-09-07T17:19:12.213 回答