[英]PHP Login with differerent user level
I'm creating a login with different user level. 我正在创建具有不同用户级别的登录名。 How to get the user_level field fom my table users to comapare if the username and password is admin or staff.
如果用户名和密码是admin或staff,如何将表用户的user_level字段设置为comapare。
Here's the code: 这是代码:
<?php
include("../config/database.php");
if(isset($_POST["login"]))
{
$username = $_POST['username'];
$password = $_POST['password'];
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$query = "SELECT * FROM users
WHERE username= '$username' OR email= '$username'
AND password='$password'";
$result = mysql_query($query);
$count = mysql_num_rows($result);//counting table rows
if($count==1)
{//check if found username and password
if(user_level == "admin")
{
header("Location: ../views/admin/dashboard.php");
}
elseif(user_level=="patient")
{
header("Location: ../views/default/home.php");
}
}
else
{
echo "WRONG USERNAME OR PASSWORD!";
}
}
?>
Make few changes , it wil work... 进行一些更改,它将起作用...
$count = mysql_fetch_assoc($result);
and also 并且
if($count==1){//check if found username and password
if($count['user_level'] == "admin"){
header("Location: ../views/admin/dashboard.php");
}elseif($count['user_level']=="patient"){
header("Location: ../views/default/home.php");
}
}
if(user_level == "admin"){
should be 应该
$record=mysql_fetch_assoc($result);
if($record["user_level"] == "admin"){
First of all try to separate using parentheses 首先尝试用括号分开
$sql = "SELECT * FROM users
WHERE (username= '$username' OR email= '$username')
AND password='$password'";";
And also mysql_*
functions are depricated. 并且还
mysql_*
函数。 You can use mysqli_*
or PDO
for that matter. 您可以
mysqli_*
使用mysqli_*
或PDO
。
And to answer your question, do you have a field that determines the role of the user in your table? 为了回答您的问题,您是否有一个确定用户在表中角色的字段? if so simply return the field and check if the user is the appropriate role.
如果是这样,只需返回该字段并检查用户是否是适当的角色。
Example: 例:
$data = mysql_fetch_assoc($result);
if ($data["user_level"] == "admin" ){
...
}
You should add a field user_level
in Database table users
. 您应该在数据库表
users
添加一个字段user_level
。 You can assign it value admin
or patient
at registration level. 您可以在注册级别为其分配值
admin
或patient
。
After that, use the same query with a new variable $previlage
. 之后,对新变量
$previlage
使用相同的查询。 Then use it to fetch contents from database, Like below,,, 然后使用它从数据库中获取内容,如下所示,
$previlage=mysql_fetch_array($result); //fetch contents from db
if($previlage['user_level'] == "admin"){
header("Location: ../views/admin/dashboard.php"); // if userlevel admin
}elseif($previlage['user_level']=="patient"){
header("Location: ../views/default/home.php"); // if user level is patient
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.