如何写一个语句来判断用户是否是管理员?在 PHP 中
问题描述 投票:0回答:1
我的问题按照我的指示
您需要向成员表添加一个附加字段以指定谁是管理员。这将由数据库管理员(您)手动填充 在login.php文件中,您已经为成功登录的成员分配了一个会话id。您将需要编写一个if语句来确定用户是否是管理员,如果是,则也为该用户分配一个admin_id的会话(按照member_id的示例) 未登录和登录的导航栏是在index.php 中创建的。由于管理员必须是登录用户,因此对于拥有 $_SESSION['admin_id'] 的用户,您将在查看配置文件链接后添加另一个链接 (Admin)。此链接将打开 myadminpage.php(您将在稍后创建)。您已经在 index.php 文件顶部有一个 session_start(),因此您不必启动新会话。
我觉得我错过了一些东西,并且似乎无法仅在管理员登录时才显示管理员链接。
下面的代码是我的login.php
<?php
ob_start();
session_start();
if(isset($_SESSION['member_id']) != "") {
// redirects to the home page
header("Location: index.php");
}
if(isset($_SESSION['admin_id']) != "") {
// redirects to the home page
header("Location: index.php");
}
?><!DOCTYPE html>
<?php
// require the connection script, end if connection fails
require_once('_connect.php');
if(isset($_POST['login']) && ($_POST['login'] !== "")) {
$email = $_POST['email'];
$password = $_POST['password'];
$select = "SELECT * FROM members WHERE email = '$email'";
$query = mysqli_query($DBConnect, $select);
if($query) {
$row = mysqli_fetch_assoc($query);
if(password_verify($password, $row['password'])) {
if($row['admin_id'] == 1){
$_SESSION['admin_id'] = $row['id'];
}
// Assign session Id to the unique primary key in the table row
$_SESSION['member_id'] = $row['id'];
$fname = $row['fname'];
$lname = $row['lname'];
$_SESSION['member_name'] = "$fname $lname";
header("Location: index.php");
}
else {
$errorMessage = "Incorrect email or password.";
}
}
}
?>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="description">
<title>Chinese Zodiac Social Networking</title>
<link href="css/bootstrap.min.css" rel="stylesheet">
<style type="text/css">
body {
background-color: rgba(235,244,251,1);
}
</style>
</head>
<body>
<?php require('includes/_site_nav.php'); ?>
<section class="container">
<div class="row">
<div class="col-md-4 col-md-offset-4">
<form role="form" action="login.php" method="post" name="login_form">
<fieldset>
<legend>Login</legend>
<div class="form-group">
<label for="email">Email</label>
<input type="email" name="email" placeholder="Your Email" required class="form-control">
</div>
<div class="form-group">
<label for="password">Password</label>
<input type="password" name="password" placeholder="Your Password" required class="form-control">
</div>
<div class="form-group">
<input type="submit" name="login" value="Log In" class="btn btn-info">
</div>
</fieldset>
</form>
<?php
if(isset($errorMessage)) echo "<span class='text-danger'>$errorMessage</span>";
?>
</div>
</div>
<div class="row">
<div class="col-md-4 col-md-offset-4 text-center">
<p>Need an account? <a href="register.php">Register here.</a></p>
</div>
</div>
</section>
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js" integrity="sha256-CSXorXvZcTkaix6Yvo6HppcZGetbYMGWSFlBw8HfCJo="
crossorigin="anonymous"></script>
<script src="js.bootstrap.min.js"></script>
</body>
</html>
下面的代码是我的index.php
<?php session_start(); ?><!DOCTYPE html>
<?php
require_once('_connect.php');
require_once("includes/_functions.php")
?>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0, shrink-to-fit=no">
<meta name="description" content="description">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" />
<title>Chinese Zodiac Social Networking</title>
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.5/css/bootstrap.min.css" integrity="sha256-MfvZlkHCEqatNoGiOXveE8FIwMzZg4W85qfrfIFBfYc=" crossorigin="anonymous" />
<style type="text/css">
body {
background-color: rgba(235,244,251, 1);
}
</style>
<body>
<?php require('includes/_site_nav.php'); ?>
<div class="container">
<!-- start of dynamic section -->
<?php
if (isset($_SESSION['member_id'])) {
switch($_GET['page']) {
case 'member_profile':
include "includes/_view_member_profile.php";
break;
case 'update_profile':
include "includes/_update_member_profile.php";
break;
case 'login':
include "includes/login.php";
break;
case 'change_password':
include "includes/inc_change_password.php";
break;
default:
include "includes/inc_welcome.php";
break;
} //ends switch
} //ends if
else
{
// If the session id is not set, then display the default page
include "includes/inc_home.php"; // the default page
} //ends else
?>
</div>
<!--Start Bootstrap scripts--->
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js" integrity="sha256-CSXorXvZcTkaix6Yvo6HppcZGetbYMGWSFlBw8HfCJo="
crossorigin="anonymous"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.5/js/bootstrap.min.js" integrity="sha256-Sk3nkD6mLTMOF0EOpNtsIry+s1CsaqQC1rVLTAy+0yc=" crossorigin="anonymous"></script>
<!--End Bootstrap scripts-->
</body>
</head>
</html>
下面的代码是我的 _site_nav.php (在我的包含文件中)
<nav class="navbar navbar-default" role="navigation">
<div class="container-fluid">
<div class="navbar-header">
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#cz_navbar">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="index.php">Chinese Zodiac Social Networking</a>
</div>
<div class="collapse navbar-collapse" id="cz_navbar">
<ul class="nav navbar-nav navbar-right">
<?php if (empty($_SESSION['member_id'])===FALSE && empty($_SESSION['member_name'])===FALSE): ?>
<li class="navbar-text">Signed in as <?= $_SESSION['member_name']; ?></li>
<li><a href="logout.php">Log Out</a></li>
<li><a href="view_member_list.php">View Profiles
<?php elseif (empty($_SESSION['admin_id']) ===FALSE ): ?>
<li><a href="myadminpage.php">Admin</a></li>
<?php else: ?>
<li><a href="login.php">Login</a></li>
<li><a href="register.php">Register</a></li>
<li><a href="view_member_list.php">View Profiles</a></li>
<?php endif; ?>
</ul>
</div>
</div>
</nav>
我的数据库的图像
导航栏的输出应显示为:
Signed in as [user signed in] Log Out View Profiles Admin
如上所述,我无法让管理员仅在管理员登录时才显示。我反复获得的当前输出是常规会员导航栏。
1个回答
0
投票
投票
两大问题:
需要检查是否找到电子邮件。改变login.php
if(password_verify($password, $row['password'])) {
到
if($row && password_verify($password, $row['password'])) {
不显示管理页面链接,因为您仅在未设置index.php
时检查$_SESSION['admin_id']
。但是当用户是管理员时,这两个变量都会被设置。所以改变$_SESSION['user_id']
<?php elseif (empty($_SESSION['admin_id']) ===FALSE ): ?>
到
<?php if (isset($_SESSION['admin_id'])): ?>
最新问题
- 如何正确地将子元素定位到其父元素?
- 使用反应式表单和 ChangeDetectionStrategy.OnPush 显示验证消息
- Javascript:类型错误:无法读取未定义的属性(读取“startsWith”)
- 核心网络生命力评估问题 - 失败
- 与 JsonResponse 相比,Django Rest Framework 有哪些优势?
- PeriodicWorkRequest 状态卡在 Enqueued
- 与返回 JsonResponse 相比,使用 Django Rest Framework 有什么好处?
- 如何在 on_member_join()discord.py 中向成员发送私人消息?
- 为什么我无法在我的设备上安装最新的 iOS 17 开发者测试版?
- 在行内框中设置行高会使 CSS 中的高度变得奇怪
- 在程序集中找不到上下文类型
- 在 Python 中使用 JMESPath 访问字典中的值
- 粘性元素和相对元素兄弟的混淆
- Spring Boot 3 / Tomcat 10 - 处理无效的cookie
- Flan-T5 参数说明
- 在gitHUB中为100个项目创建环境变量
- PHP:将类方法限制为相关类
- 如果我想在 Vue.js 中创建前端,我应该使用 Django 还是 Django Rest Framework?
- spring返回带请求的xml pojo类
- traefik 不会将 http 重定向到 https
© www.soinside.com 2019 - 2024. All rights reserved.