以管理员和普通用户身份登录 [英] login as Admin and normal user

问题描述

database hs_hr_users

user_name    user_password     is_admin
admin          qwe123            Yes
999999         123qwe            No

这里我只有普通用户的 checklongin 并且它可以工作.但我需要使用列 is_admin = 'Yes'

here I have checklongin for normal user only and it working. But I need to login as admin using column is_admin = 'Yes'

checklogin.php

checklogin.php

$host="localhost"; // test local
$username="ess_las_admin"; // Mysql username 
$password="esslasadmin"; // Mysql password 
$db_name="ess_las_admin"; // Database name 
$tbl_name="hs_hr_users"; // Table name user
$tbl_name2 ="hs_hr_employee" ; //
$db = mysql_connect($host, $username, $password); 
$link = mysql_select_db($db_name,$db);
ob_start();

// Connect to server and select databse.
$link = mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// Define $myusername and $mypassword 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = md5(stripslashes($mypassword));
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name a, $tbl_name2 b WHERE a.emp_number=b.emp_number AND a.user_name='$myusername' and a.user_password='$mypassword' 
        AND (
        b.work_station = '14' 
        OR  b.work_station = '1'
        OR  b.work_station = '15'
        OR  b.work_station = '16'
        OR  b.work_station = '17'
        OR  b.work_station = '18'
        OR  b.work_station = '19'
        OR  b.work_station = '20'
        OR  b.work_station = '21'
        OR  b.work_station = '22'
        OR  b.work_station = '23'
        OR  b.work_station = '24'
        OR  b.work_station = '25'
        OR  b.work_station = '27'
        OR  b.work_station = '28'


        )";
$result=mysql_query($sql);
echo $sql;
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
session_start();
// Register $myusername, $mypassword and redirect to file "login_success.php"
$_SESSION['user_name_eprofile'] = $myusername;
$_SESSION['user_password'] = $mypassword;


//session_register("myusername");
//session_register("mypassword"); 
header("location:dashboard.php");
}
else {
//echo "Wrong Username or Password";
header("Location: login.php?error=1");
}

mysql_close($link);
ob_end_flush();
?>

管理员和普通用户的所有数据都在同一个表中.但是，列 is_admin = Yes/No 区分两者.如果用户以管理员身份登录，将转到 header:location:admin_search.php 这是管理页面.如果用户以普通用户身份登录，将转到header:location:dashboard.php.

All the data for admin and normal user is in same table. But, column is_admin = Yes/No that differentiate between both. If user login as admin, will go header:location:admin_search.php which is admin page. If user login as normal user, will go header:location:dashboard.php.

推荐答案

可能是这样的:

if($count==1){
session_start();
// Register $myusername, $mypassword and redirect to file "login_success.php"
$_SESSION['user_name_eprofile'] = $myusername;
$_SESSION['user_password'] = $mypassword;
$row = mysql_fetch_array($result);
$_SESSION['is_admin'] = $row['is_admin'];

并使用 $_SESSION['is_admin'] 做任何你想做的事情.

and do whatever you want with $_SESSION['is_admin'].

在您的情况下，对于重定向:

In your case, for the redirection :

if ($_SESSION['is_admin']=="Yes") { 
    header("location:admin_search.php");
} else {
    header("location:dashboard.php");
}

还有一个建议，将 $sql="SELECT * FROM... 改为 $sql="SELECT is_admin FROM...

Also another suggestion, change $sql="SELECT * FROM... to $sql="SELECT is_admin FROM...

但是

警告 警告
MYSQL_ 函数已弃用
mysql_* 函数自 PHP 5.5.0 起已弃用，将来会被删除.相反，MySQLi 或 PDO_MySQL 应该使用扩展名.

Warning Warning
MYSQL_ FUNCTIONS ARE DEPRECATED
mysql_* functions are deprecated as of PHP 5.5.0, and will be removed in the future. Instead, the MySQLi or PDO_MySQL extension should be used.

这篇关于以管理员和普通用户身份登录的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！