使用PHP登录信息访问mysql数据库 [英] use PHP login info to access mysql database

问题描述

我已建立自订的内容管理系统来更新我的网站。通常我做的是，我提到数据库登录信息（如username-host-password）到一个php文件，并将该文件包括到所有具有数据库语法的php脚本文件。通过这样做，我通过特定的数据库用户访问数据库。

I have built a custom CMS for updating my website. Normally what I do is, I mention database login info (like username-host-password) to a php file and include that file into all the php script files having database syntax. By doing this I access database through that specific database user.

我想做的是用登录的用户替换特定的数据库用户。更清楚地，如果用户John登录到CMS，他将使用用户名john访问数据库。如果用户Doe登录，他将使用用户名joe访问数据库。

What I am trying to do is to replace that particular database user with the logged in user. More clearly if user John is logged in to the CMS, he will access the database using the username john. And if user Doe is logged in, he will access the database using the username joe.

主要动机是跟踪在mysql数据库中更新表的用户。

Main motive for this is to track the user who has updated a table in mysql database.

你们请给我提供一个如何做的概念。

Can you guys please provide me with a concept of how to do this.

谢谢！

推荐答案

其实我可以在这里做。我有一个php文件，我使用require_once在我的所有页面。它被称为日志，并在其中有一个函数：

Actually i can do it here. I have a php file that i use require_once in all my pages. It is called logs and has a function in it here:

require_once("db_connection.php");

date_default_timezone_set('America/Chicago');

function logIt($msg,$tablename="",$application="" )
{
    global $connection;
    $cleanedMsg = remove_single_quotes($msg);
    $userID = "0";
    if ( isset($_SESSION['USERID']))
    {
        $userID = $_SESSION['USERID'];
    }

    $postDate = addHoursToTime(0);
    $query = "insert into web_log_tab (message, userid, post_Date, app, tablename) values ('{$cleanedMsg}',{$userID},'{$postDate}','{$application}','{$tablename}')";
    odbc_exec($connection,$query);
}

然后在我在php中调用的每个查询后，我只是调用logIt功能和传递查询，tablename和应用程序。在我的情况下，多个应用程序正在访问数据库，这样我可以通过应用程序，用户，甚至tablename过滤。我希望这有点更有意义，是有帮助的。当用户通过登录页面登录我的应用程序时，我将他们的用户名，userid，用户级别在他们的私人会话中，所以我可以随时随地访问应用程序中的任何地方。

then after every query that I call in my php, i just call the logIt fufnction and pass in the query, tablename, and application. In my case, multiple applications are accessing the database so this way I can filter out by application, user, and even tablename. I hope this makes a little more sense and is helpful. When the user is logging into my application via the login page, I am putting their username, userid, userlevel in their private session so I can access anytime and from anywhere in the application.

$webPassword = $row['password'];
if ( $webPassword == $hashedPassword)
{
    $_SESSION['USERID'] = $row['id'];
    $_SESSION['FIRSTNAME'] = $row['first_name'];
    $_SESSION['USER_LEVEL'] = $row['user_level'];
    echo '{success:true,error:0,id:'.$row['id'].'}';
}

当然，您可以存储用户的用户名并使用insead， id和我将加入我以后需要的任何信息。

Of course you can store the users username and use that insead, I just prefer the id and I'll join whatever information that I need at a later date.

这篇关于使用PHP登录信息访问mysql数据库的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！