堆栈内存溢出
  简体   繁体   English

管理员和用户 PHP 数据库登录

[英]Admin and User PHP Database login

 原文  2018-11-10 01:59:16       php/ mysql/ database/ forms/ session

问题描述

I am pretty new to php coding and I have setup a working signup/signin system for a website, but now I want to create an admin user which can edit/upload pictures to the website.我对 php 编码很陌生,我已经为网站设置了一个有效的注册/登录系统,但现在我想创建一个可以编辑/上传图片到网站的管理员用户。 I just have no idea how to do it, so far I have just added a column to phpmyadmin which is usertype and its an enum with two variables which are admin and users, and I have set the default to user so when someone signs up they are defaulted as a user.我只是不知道该怎么做,到目前为止,我刚刚向 phpmyadmin 添加了一个列,它是 usertype,它是一个枚举,其中包含两个变量,即 admin 和 users,并且我已将默认值设置为 user,因此当有人注册时默认为用户。 so any help would be greatly appreciated.所以任何帮助将不胜感激。

This is my login php这是我的登录 php

if (isset($_POST['login-submit'])) {
    #
require 'dbh.inc.php';

$mailuid = $_POST['mailuid'];
$password = $_POST['pwd'];

if (empty($mailuid) || empty($password)) {
    header("Location: ../index.php?error=emptyfields");
    exit();

}else {
    $sql = "SELECT * FROM users WHERE uidUsers=?;";
    $stmt = mysqli_stmt_init($conn);
    if (!mysqli_stmt_prepare($stmt, $sql)) {
        header("Location: ../index.php?error=sqlerror");
        exit();
    }else{

        mysqli_stmt_bind_param($stmt, "s", $mailuid);
        mysqli_stmt_execute($stmt);
        $result = mysqli_stmt_get_result($stmt);
        if ($row = mysqli_fetch_assoc($result)) {
            $pwdCheck = password_verify($password, $row['pwdUsers']);
            if ($pwdCheck == false) {
                header("Location: ../index.php?error=wrongpassword");
        exit();
            }elseif ($pwdCheck == true) {
                session_start();
                $_SESSION['userId'] = $row['idUsers'];
                $_SESSION['userUid'] = $row['uidUsers'];

                header("Location: ../index.php?login=success");
                exit();

            }
        }
        else {
            header("Location: ../index.php?error=nouser");
        exit();
        }
    }

    }



}else {
    header("Location: ../index.php");
    exit();
}

This is my signup php这是我的注册 php

<?php
if (isset($_POST['signup-sumbit'])) {

    require 'dbh.inc.php';


    $username = $_POST['uid'];
    $email = $_POST['mail'];
    $password = $_POST['pwd'];
    $passwordRepeat = $_POST['pwd-repeat'];

    if (empty($username) || empty($email) || empty($password) || empty($passwordRepeat)) {
        header("Location: ../signup.php?error=emptyfields&uid=".$username."&mail=".$email);
        exit();
    }elseif (!filter_var($email, FILTER_VALIDATE_EMAIL) && !preg_match("/^[a-zA-Z0-9]*$/", $username)) {
        header("Location: ../signup.php?error=invaildmailuid");
        exit();
    }elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        header("Location: ../signup.php?error=invaildmail&uid=".$username);
        exit();
    }elseif (!preg_match("/^[a-zA-Z0-9]*$/", $username)) {
        header("Location: ../signup.php?error=invailduid&mail=".$email);
        exit();
    }elseif ($password !== $passwordRepeat) {
        header("Location: ../signup.php?error=passwordcheck&uid=".$username."&mail=".$email);
        exit(); 
    }else{
        $sql = "SELECT uidUsers FROM users WHERE uidUsers=?";
        $stmt = mysqli_stmt_init($conn);
        if (!mysqli_stmt_prepare($stmt, $sql)) {
            header("Location: ../signup.php?error=sqlerror1");
            exit();
        } else {
            mysqli_stmt_bind_param($stmt, "s", $username);
            mysqli_stmt_execute($stmt);
            mysqli_stmt_store_result($stmt);
            $resultCheck = mysqli_stmt_num_rows($stmt);
            if ($resultCheck > 0) {
                header("Location: ../signup.php?error=usertaken&mail=".$email);
                exit();
            } else {
                $sql = "INSERT INTO users (uidUsers, emailUsers, pwdUsers) VALUES (?, ?, ?)";
                $stmt = mysqli_stmt_init($conn);
                if (!mysqli_stmt_prepare($stmt, $sql)) {
                    header("Location: ../signup.php?error=sqlerror");
                    exit();
                    } else {
                        $hashedPwd = password_hash($password, PASSWORD_DEFAULT);


                        mysqli_stmt_bind_param($stmt, "sss", $username, $email, $hashedPwd);
                        mysqli_stmt_execute($stmt);
                        header("Location: ../signup.php?signup=success");
                        exit();
                    }




            }


        }



    }
    mysqli_stmt_close($stmt);
    mysqli_close($conn);


}else {
    header("Location: ../signup.php");
    exit();

}

This is a picture of the new column I added Picture of phpmyadmin这是我添加的新栏目的图片phpmyadmin的图片

1 个解决方案

解决方案1
 1  2018-11-10 02:18:20

This is the code where you are checking if user has admin privileges and store in session这是您检查用户是否具有管理员权限并存储在会话中的代码

if($row['user_type'] == 'Admin'){
          $_SESSION['isAdmin'] = true;
}else{
          $_SESSION['isAdmin'] = false;
}

later you can use $_SESSION['isAdmin'] to give privileges as you wish稍后您可以使用$_SESSION['isAdmin']授予您想要的权限

if($_SESSION['isAdmin']){
//code for uploading pictuers ..
}

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 用户/管理员通过PHP登录 - User/Admin login via PHP 在php中区分管理员登录名和用户登录名 - Differentiate between admin login and user login in php 管理员和用户登录php mysql表单 - admin and user login php mysql form 如何在php中使用admin和user制作登录表单 - How to make login form with admin and user in php 在PHP中创建管理员/用户登录系统 - Creating Admin/User login system in PHP 当用户登录PHP时向管理员发送电子邮件 - Send an email to admin when user login in PHP 尝试为Admin / User PHP创建登录 - Trying to create a login for Admin/User PHP 管理员和普通用户登录系统PHP MYSQL - Admin and normal user login system PHP MYSQL 如何在PHP中为管理员和用户分别登录? - How to make a separated login for the admin and user in PHP? 如何在php中使用用户和管理员创建登录 - How to create a Login using user and admin in php
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM