如何写一个语句来判断用户是否是管理员?在 php 中(已解决)
问题描述 投票:0回答:2
我的问题按照我的指示
您需要向成员表添加一个附加字段以指定谁是管理员。这将由数据库管理员(您)手动填充 在login.php文件中,您已经为成功登录的成员分配了一个会话id。您将需要编写一个if语句来确定用户是否是管理员,如果是,则也为该用户分配一个admin_id的会话(按照member_id的示例) 未登录和登录的导航栏是在index.php 中创建的。由于管理员必须是登录用户,因此对于拥有 $_SESSION['admin_id'] 的用户,您将在查看配置文件链接后添加另一个链接 (Admin)。此链接将打开 myadminpage.php(您将在稍后创建)。您已经在 index.php 文件顶部有一个 session_start(),因此您不必启动新会话。
我觉得我错过了一些东西,并且似乎无法仅在管理员登录时才显示管理员链接。
下面的代码是我的login.php
<?php
ob_start();
session_start();
if(isset($_SESSION['member_id']) != "") {
// redirects to the home page
header("Location: index.php");
}
if(isset($_SESSION['admin_id']) != "") {
// redirects to the home page
header("Location: index.php");
}
?><!DOCTYPE html>
<?php
// require the connection script, end if connection fails
require_once('_connect.php');
if(isset($_POST['login']) && ($_POST['login'] !== "")) {
$email = $_POST['email'];
$password = $_POST['password'];
$select = "SELECT * FROM members WHERE email = '$email'";
$query = mysqli_query($DBConnect, $select);
if($query) {
$row = mysqli_fetch_assoc($query);
if(password_verify($password, $row['password'])) {
if($row['admin_id'] == 1){
$_SESSION['admin_id'] = $row['id'];
}
// Assign session Id to the unique primary key in the table row
$_SESSION['member_id'] = $row['id'];
$fname = $row['fname'];
$lname = $row['lname'];
$_SESSION['member_name'] = "$fname $lname";
header("Location: index.php");
}
else {
$errorMessage = "Incorrect email or password.";
}
}
}
?>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="description">
<title>Chinese Zodiac Social Networking</title>
<link href="css/bootstrap.min.css" rel="stylesheet">
<style type="text/css">
body {
background-color: rgba(235,244,251,1);
}
</style>
</head>
<body>
<?php require('includes/_site_nav.php'); ?>
<section class="container">
<div class="row">
<div class="col-md-4 col-md-offset-4">
<form role="form" action="login.php" method="post" name="login_form">
<fieldset>
<legend>Login</legend>
<div class="form-group">
<label for="email">Email</label>
<input type="email" name="email" placeholder="Your Email" required class="form-control">
</div>
<div class="form-group">
<label for="password">Password</label>
<input type="password" name="password" placeholder="Your Password" required class="form-control">
</div>
<div class="form-group">
<input type="submit" name="login" value="Log In" class="btn btn-info">
</div>
</fieldset>
</form>
<?php
if(isset($errorMessage)) echo "<span class='text-danger'>$errorMessage</span>";
?>
</div>
</div>
<div class="row">
<div class="col-md-4 col-md-offset-4 text-center">
<p>Need an account? <a href="register.php">Register here.</a></p>
</div>
</div>
</section>
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js" integrity="sha256-CSXorXvZcTkaix6Yvo6HppcZGetbYMGWSFlBw8HfCJo="
crossorigin="anonymous"></script>
<script src="js.bootstrap.min.js"></script>
</body>
</html>
下面的代码是我的index.php
<?php session_start(); ?><!DOCTYPE html>
<?php
require_once('_connect.php');
require_once("includes/_functions.php")
?>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0, shrink-to-fit=no">
<meta name="description" content="description">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" />
<title>Chinese Zodiac Social Networking</title>
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.5/css/bootstrap.min.css" integrity="sha256-MfvZlkHCEqatNoGiOXveE8FIwMzZg4W85qfrfIFBfYc=" crossorigin="anonymous" />
<style type="text/css">
body {
background-color: rgba(235,244,251, 1);
}
</style>
<body>
<?php require('includes/_site_nav.php'); ?>
<div class="container">
<!-- start of dynamic section -->
<?php
if (isset($_SESSION['member_id'])) {
switch($_GET['page']) {
case 'member_profile':
include "includes/_view_member_profile.php";
break;
case 'update_profile':
include "includes/_update_member_profile.php";
break;
case 'login':
include "includes/login.php";
break;
case 'change_password':
include "includes/inc_change_password.php";
break;
default:
include "includes/inc_welcome.php";
break;
} //ends switch
} //ends if
else
{
// If the session id is not set, then display the default page
include "includes/inc_home.php"; // the default page
} //ends else
?>
</div>
<!--Start Bootstrap scripts--->
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js" integrity="sha256-CSXorXvZcTkaix6Yvo6HppcZGetbYMGWSFlBw8HfCJo="
crossorigin="anonymous"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.5/js/bootstrap.min.js" integrity="sha256-Sk3nkD6mLTMOF0EOpNtsIry+s1CsaqQC1rVLTAy+0yc=" crossorigin="anonymous"></script>
<!--End Bootstrap scripts-->
</body>
</head>
</html>
下面的代码是我的 _site_nav.php (在我的包含文件中)
<nav class="navbar navbar-default" role="navigation">
<div class="container-fluid">
<div class="navbar-header">
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#cz_navbar">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="index.php">Chinese Zodiac Social Networking</a>
</div>
<div class="collapse navbar-collapse" id="cz_navbar">
<ul class="nav navbar-nav navbar-right">
<?php if (empty($_SESSION['member_id']) === FALSE && empty($_SESSION['member_name']) === FALSE) : ?>
<li class="navbar-text">Signed in as <?= $_SESSION['member_name']; ?></li>
<li><a href="logout.php">Log Out</a></li>
<li><a href="view_member_list.php">View Profiles
<?php elseif (empty($_SESSION['admin_id']) === FALSE) : ?>
<li><a href="myadminpage.php">Admin</a></li>
<?php else : ?>
<li><a href="login.php">Login</a></li>
<li><a href="register.php">Register</a></li>
<li><a href="view_member_list.php">View Profiles</a></li>
<?php endif; ?>
</ul>
</div>
</div>
</nav>
我的数据库的图像
导航栏的输出应显示为:
Signed in as [user signed in] Log Out View Profiles Admin
如上所述,我无法让管理员仅在管理员登录时才显示。我反复获得的当前输出是常规会员导航栏。
2个回答
0
投票
投票
两大问题:
需要检查是否找到电子邮件。改变login.php
if(password_verify($password, $row['password'])) {
到
if($row && password_verify($password, $row['password'])) {
不显示管理页面链接,因为您仅在未设置index.php
时检查$_SESSION['admin_id']
。但是当用户是管理员时,这两个变量都会被设置。所以改变$_SESSION['user_id']
<?php elseif (empty($_SESSION['admin_id']) ===FALSE ): ?>
到
<?php if (isset($_SESSION['admin_id'])): ?>
0
投票
投票
检查这种方法。我假设
admin10admin_idid if(password_verify($password, $row['password'])) {
if($row['admin'] == 1 && $row['admin_id'] == '0'){
// I will not use prepared statements since i think you're doing a learning exercise, but this is not the way to do it, you'll learn after.
mysqli_query($DBConnect, "UPDATE members SET admin_id = {$row['id']} WHERE id = {$row['id']}");
$_SESSION['admin_id'] = $row['id'];
}
// Assign session Id to the unique primary key in the table row
$_SESSION['member_id'] = $row['id'];
//Check if the admin_id row is set to different value than 0 and if not already set on the $_SESSION superglobal for the next time the user logs in again.
if (!isset($_SESSION['admin_id']) && $row['admin_id'] != 0) {
$_SESSION['admin_id'] = $row['admin_id'];
}
$fname = $row['fname'];
$lname = $row['lname'];
$_SESSION['member_name'] = $fname . " " . $lname; //Concatenate a space in middle of first name and last name for better readability.
header("Location: index.php");
} else {
$errorMessage = "Incorrect email or password.";
}
然后要在导航中显示链接,您可以这样做:
<ul class="nav navbar-nav navbar-right">
<?php if (isset($_SESSION['member_id']) && isset($_SESSION['member_name'])) : ?>
<li class="navbar-text">Signed in as <?= $_SESSION['member_name']; ?></li>
<li><a href="logout.php">Log Out</a></li>
<li><a href="view_member_list.php">View Profiles</a></li>
<?php if (isset($_SESSION['admin_id']) && $_SESSION['admin_id'] != 0) : ?>
<li><a href="myadminpage.php">Admin</a></li>
<?php endif; ?>
<?php else : ?>
<li><a href="login.php">Login</a></li>
<li><a href="register.php">Register</a></li>
<li><a href="view_member_list.php">View Profiles</a></li>
<?php endif; ?>
</ul>
最新问题
- varnish 无法占用 ec2 机器上的 80 端口
- SwiftUI - onTapGesture 中绑定变量的比较(切换网格中行的选择)
- 有没有可以编译C++或C的库
- 我的 CS50 第 2 周的拼字游戏解决方案与符号作斗争。想不通为什么
- 我可以计算某个值的百分比并总结每个采样日期的此信息吗?
- 如何设置 Minecraft Villager 实体到某个位置的路径?即使用 Spigot API 让生物步行到特定地点
- 如何使用 Excel VBA 以编程方式导入 Excel VBA 模块?
- 使用重复的步骤定义运行不同的 Cucumber 套件
- GetElementsByID() 与 QuerySelector()
- 使用python过滤pdf
- Tilera 交叉编译 - 关于此错误的任何想法:未知的 asm 约束字母
- 片段未覆盖整个屏幕
- Redshift 的前向和后向 REGEX 替代方案 [已关闭]
- Firestore onDocumentWritten 触发器未在使用节点的 Cloud Functions 中进行文档写入时触发
- RPi4 上的 QNX 如何首次登录
- 问题中的一个heap-use-after-free错误--Design MyLinkList(LeetCode No.707)
- 如何在多列上创建FULLTEXT索引?
- Visual Composer 到 HTML
- 计算给定电阻邻接列表的总电阻
- 如何阻止空 iframe 在注入时触发加载事件?
© www.soinside.com 2019 - 2024. All rights reserved.