用户认证 [英] user authentication
问题描述
好吧我在成像之前遇到了一些问题,但这一切都解决了。但现在我需要一些用户身份验证的帮助。基本上,当你将用户添加到我的数据库时,被破坏在表user_info下,存储以下信息(并且工作,我检查)
user_realname
用户名
密码
bus_number //每个帐户关联的公交车号码
acct_type //可以是司机,管理员或家长。
和我正在尝试的要做的是让脚本检查用户名和密码,如果它们错误或没有输入,请返回登录屏幕,它也是如此。但我接下来想要发生的是,如果帐户类型是admin,它将重定向到/admin/adminhome.html,分别对于驱动程序和父项也是如此。但是使用此代码,如果用户名和密码匹配,它总是重定向到admin / adminhome。我做错了什么?
[php]
< ;?
//检查是否输入了用户名和密码
if((!$ _ POST [username])||(!$ _ POST [password])){
header(" Location:show_login.html");
退出;
}
$ db_name =" busted";
$ table_name =" user_info";
$ con = @mysql_connect(" localhost"," nathan"," *******")
或die(mysql_error());
$ db = @mysql_select_db($ db_name,$ con)或die(mysql_error());
$ sql =" SELECT * FROM $ table_name WHERE username =' '$ _POST [username]''AND password =''$ _POST [password]''" ;;
$ result = @mysql_query($ sql,$ con)或die(mysql_error()) ;
$ num = mysql_num_rows($ result);
if($ num!= 0){
session_start();
WHILE($ row = mysql_fetch_array($ result))
{
$ _SESSION [''username''] = $ row [username];
$ _SESSION [''password''] = $ row [密码];
$ _SESSION [''user_realname''] = $ row [user_realname ];
$ _SESSION [''bus_number''] = $ row [bus_number];
$ _SESSION [''acct_type''] = $ row [acct_type];
}
//使用下面的语句来测试会话变量。
// echo" hello,$ _SESSION [''username'' ]!您输入$ _SESSION [''password'']作为密码。您的真实姓名是$ _SESSION [''user_realname''],并且您与公共号码$ _SESSION [''bus_number'']相关联,其中$ _SESSION [''acct_type'']作为您的帐户类型。" ;;
{
if($ _SESSION [''acct_type''] = admin){
header(" location:/ admin /adminhome.html");
退出;
}
elseif($ _SESSION [''acct_type''] = parent){
header(" location:/ parent / parenthome) html的");
退出;
}
elseif($ _SESSION [''acct_type''] =司机){
header(" location:/driver/driverhome.html");
退出;
}
else {
echo"抱歉,看起来你要么没有'没有正确创建您的帐户,或者其他一些技术难题阻碍您进入系统。请咨询您的管理员以获取帮助。; //注意:管理员电子邮件地址为链接?
}
} else {
header(" location:show_login.html");
退出;
}
?> [/ php]
ok i had some problems before with imaging, but that is all solved. but now i need help with some user authentication. basically, when you add a user to my database, "busted" under table "user_info", the following info is stored (and works, i checked)
user_realname
username
password
bus_number //the bus number each account is associated with
acct_type // can be driver, admin, or parent.
and what i''m trying to do is have the script check the username and password, which it does, and if they are wrong or not entered go back to the login screen, which it also does. but what i want to happen next is that if the account type is admin, it would redirect to /admin/adminhome.html, and the same goes for driver and parent, respectively. but using this code, if the username and password do match, it always redirects to admin/adminhome. so what am i doing wrong?
[php]
<?
//check if username and password were even entered
if ((!$_POST[username]) || (!$_POST[password])) {
header("Location: show_login.html");
exit;
}
$db_name = "busted";
$table_name = "user_info";
$con = @mysql_connect("localhost", "nathan", "*******")
or die(mysql_error());
$db = @mysql_select_db($db_name, $con) or die(mysql_error());
$sql = "SELECT * FROM $table_name WHERE username = ''$_POST[username]'' AND password = ''$_POST[password]''";
$result = @mysql_query($sql, $con) or die(mysql_error());
$num = mysql_num_rows($result);
if ($num !=0) {
session_start();
WHILE($row = mysql_fetch_array($result))
{
$_SESSION[''username''] = $row[username];
$_SESSION[''password''] = $row[password];
$_SESSION[''user_realname''] = $row[user_realname];
$_SESSION[''bus_number''] = $row[bus_number];
$_SESSION[''acct_type''] = $row[acct_type];
}
//use statements below to test session vars.
//echo "hello, $_SESSION[''username'']! you entered $_SESSION[''password''] as your password. Your real name is $_SESSION[''user_realname''], and you are associated with bus number $_SESSION[''bus_number''] with $_SESSION[''acct_type''] as your account type.";
{
if ($_SESSION[''acct_type''] = admin) {
header("location: /admin/adminhome.html");
exit;
}
elseif ($_SESSION[''acct_type''] = parent) {
header("location: /parent/parenthome.html");
exit;
}
elseif ($_SESSION[''acct_type''] = driver) {
header("location: /driver/driverhome.html");
exit;
}
else {
echo "Sorry, but it looks like you either didn''t have your account created correctly, or some other techical difficulty is blocking your entrance to the system. Check with your administrator for assistance."; //note: admin email address as link?
}
}else {
header("location: show_login.html");
exit;
}
?>[/php]
推荐答案
_POST [用户名])|| (!
_POST[username]) || (!
_POST [密码])){
header(" Location:show_login.html");
退出;
}
_POST[password])) {
header("Location: show_login.html");
exit;
}
db_name =" busted";
db_name = "busted";
这篇关于用户认证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
