[英]Confused with php sessions for a user?
In my login.php
I store the username and the user id in sessions. 在我的login.php
我在login.php
存储用户名和用户ID。 After login the user selects their page and once they are lead to their page, they can select a lecturer name which needs to be only their name, not other's lecturer. 登录后,用户选择他们的页面,并在他们进入页面后,他们可以选择一个讲师名称,该名称只需要是他们的名称,而不必是其他讲师的名称。 I know that this lecturer name that is selected needs to be stored in a session. 我知道所选的讲师姓名需要存储在会话中。 Afterwards, I have to match either with the user id or username so to control what the user can see. 之后,我必须与用户ID或用户名匹配,以便控制用户可以看到的内容。 A problem is how to match these sessions from the login.php
and the `lecturer.php. 问题是如何从login.php
和`lecturer.php中匹配这些会话。 Should I create a separate file for the sessions? 我应该为会话创建一个单独的文件吗?
login.php login.php
<?php
require ('connect.php');
$username = $_POST['username'];
$password = $_POST['password'];
if (isset($_POST['submit'])) {
if ($username && $password) {
$check = mysql_query("SELECT * FROM users WHERE username='".$username."' AND password= '".$password."'");
$rows = mysql_num_rows($check);
if(mysql_num_rows($check) != 0){
session_start();
$run_login =mysql_fetch_array($check);
$uid = $run_login['id'];
$_SESSION['uid'] = $_POST['uid'];
$_SESSION['username']=$_POST['username'];
header("location:../../statistics/home.php");
}
else{
die("Could not find the Username or password.");
}
}
else {
echo "Please fill all the fields.";
}
}
?>
lecturer.php 讲师.php
<?php
include 'connect.php';
$year = mysql_real_escape_string($_POST['year']);
$lecturer = mysql_real_escape_string($_POST['lecturer']); // Don't forget to handle the SQL Injections ...
$years = array(
2005,
2006,
2007
);
$lecturers = array(
'dimopoulos',
'lagkas',
'kehagias',
'chrysochoou'
);
if(isset($_POST['submit'])){
if (in_array($lecturer, $lecturers) && in_array($year, $years)) {
$sql = "SELECT unit_name,a1,a2,a3,l1,l2,l3,l4,l5,l6,l7,lavg,r1,r2,u1,u2,u3 FROM $lecturer WHERE year=$year";
$result = mysql_query($sql);
}
else {
echo "No data found";
}
}
else{
echo "Please select";
}
?>
<html>
<head>
<link rel="stylesheet" type="text/css" href="../../statistics/style.css">
</head>
<body>
<div id="container">
<table id="table" width="900" border="1" cellspacing="1">
<tr>
<td>Unit Name</td>
<td>A1 </td>
<td>A2 </td>
<td>A3 </td>
<td>L1 </td>
<td>L2 </td>
<td>L3 </td>
<td>L4 </td>
<td>L5 </td>
<td>L6 </td>
<td>L7 </td>
<td>LAVG </td>
<td>R1 </td>
<td>R2 </td>
<td>U1 </td>
<td>U2 </td>
<td>U3 </td>
</tr>
<?php
while($unit=mysql_fetch_assoc($result)){
echo "<tr>";
echo "<td>".$unit['unit_name']."</td>";
echo "<td>".$unit['a1']."</td>";
echo "<td>".$unit['a2']."</td>";
echo "<td>".$unit['a3']."</td>";
echo "<td>".$unit['l1']."</td>";
echo "<td>".$unit['l2']."</td>";
echo "<td>".$unit['l3']."</td>";
echo "<td>".$unit['l4']."</td>";
echo "<td>".$unit['l5']."</td>";
echo "<td>".$unit['l6']."</td>";
echo "<td>".$unit['l7']."</td>";
echo "<td>".$unit['lavg']."</td>";
echo "<td>".$unit['r1']."</td>";
echo "<td>".$unit['r2']."</td>";
echo "<td>".$unit['u1']."</td>";
echo "<td>".$unit['u2']."</td>";
echo "<td>".$unit['u3']."</td>";
echo "</tr>";
}
?>
</table>
</div>
</body>
</html>
lecturerForm.php
<form name="myform" action="lecturer.php" method="POST" >
<b>Lecturers:<b/>
<select name="lecturer">
<option value="Choose">Please select..</option>
<?php
$sql=mysql_query("SELECT lec_name FROM lecturer");
while($row=mysql_fetch_array($sql)){
echo "<option value='".$row['lec_name']."'>".$row['lec_name']."</option>";
}
?>
</select><br/><br/>
<b>Year:<b/>
<select name="year">
<option value="Choose">Please select..</option>
<option value="2005">2005</option>
<option value="2006">2006</option>
<option value="2007">2007</option></select><br/><br/>
<br/>
<input type="submit" name="submit" value="Submit">
<input type="reset" name="reset" value="Clear">
</form>
Put session_start()
to the begin of lecturer.php page
. 将session_start()
放在lecturer.php page
的开头。
Note: 注意:
You have bad var name in login.php where set $_SESSION['uid']
: 您在login.php中设置了$_SESSION['uid']
var名称错误:
$uid = $run_login['id'];
$_SESSION['uid'] = $uid; // not $_POST['uid'];
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.