我修改了登录文件,将用户重定向到指定的页面,但我的代码只是将每个用户重定向到第一个选项(rd)。但我的代码只是将每个用户重定向到第一个选项(rd)。pd部门下的用户被引导到rd页面。我的代码如下。注意:如果有漏洞,请忽略SQL注入注释...... 我的db表除了名字之外,还包括了访问级别(admin & user)部门(rd & pd)这几列。
<?php
if(!isset($_SESSION)){
session_start();
}
include_once("connections/connection.php");
$con = connection();
if(isset($_POST['login'])){
$username = $_POST['username'];
$password = $_POST['password'];
$sql = "SELECT * FROM users_table WHERE username = '$username' AND password = '$password'";
$user = $con->query($sql) or die ($con->error);
$row = $user->fetch_assoc();
$total =$user->num_rows;
if($total > 0 AND $department=rd){
$_SESSION['UserLogin'] = $row['username'];
$_SESSION['Access'] = $row['access'];
$_SESSION['Fname'] = $row['fname'];
$_SESSION['Lname'] = $row['lname'];
$_SESSION['Department'] = $row['department'];
echo $_SESSION['UserLogin'];
echo header("Location: index_rd.php");}
else if($total > 0 AND $department=pd){
$_SESSION['UserLogin'] = $row['username'];
$_SESSION['Access'] = $row['access'];
$_SESSION['Fname'] = $row['fname'];
$_SESSION['Lname'] = $row['lname'];
$_SESSION['Department'] = $row['department'];
echo $_SESSION['UserLogin'];
echo header("Location: index_proc.php");}
else{
echo "No user found.";
}
}
?>
我想你也得到了错误?
$department=rd 是一个赋值(对一个未定义的常量!)。
$department == 'rd' 是一个有效的比较。
另外,根据你的代码。$department 是未定义的。你会想使用 $row['department'] 来代替。说真的,把你的PHP错误报告提高一两个档次,这对你会有很大帮助。)