[英]Check role of user logged in (PHP)
首先,我搜索的問題與我的問題相同,很遺憾,我無法理解答案。 它說使用Auth等... bla bla bla。 到目前為止,我僅了解基礎知識。
所以這是我的問題:如何檢查當前登錄的用戶及其角色?
我以為我可以很輕松地做到這一點,實際上我確實做到了,但是我正在構建的站點的用戶只能是一個。 大聲笑。 我有兩列名為session和Membership。 無論如何,我的代碼寫在下面(這肯定是錯誤的,我只是在凌晨2點才意識到這一點。如果一側的用戶又只是一個,那將100%起作用。
if(empty($_SESSION['user']))
{
// If they are not, we redirect them to the login page.
// Remember that this die statement is absolutely critical. Without it,
// people can view your members-only content without logging in.
header("Location: http://localhost/se/");
}
//if(!empty($_SESSION['user']) )
else
{
//This following codes are for checking the session in DB
$query = "
SELECT
id,
password,
emailAddress,
membership
FROM memberlist
WHERE
session = :var_val
";
// The parameter values
$query_params = array(
':var_val' => 'True'
);
try
{
// Execute the query against the database
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex)
{
// Note: On a production website, you should not output $ex->getMessage().
// It may provide an attacker with helpful information about your code.
die("Failed to run query: " . $ex->getMessage());
}
$row = $stmt->fetch();
if ( $row['membership'] == 'Officer' || $row['membership'] == 'Member' )
{
header("Location: http://localhost/memberdir/index.php");
}
}
如果用戶的成員資格== 1,則轉到admin目錄。 否則轉到成員目錄。
請幫忙 :(
當用戶成功登錄后,您可以執行以下操作:
if(login success)
{
$_SESSION['user']=array('id'=>$id,
'emailAddress'=>$emailAddress,
'membership'=>$membership);//the three values are selected from database when login in
}else
{
// do some thing
}
然后,當您檢查用戶時,可以使用:
if(empty($_SESSION['user']))
{
// If they are not, we redirect them to the login page.
// Remember that this die statement is absolutely critical. Without it,
// people can view your members-only content without logging in.
header("Location: http://localhost/se/");
}else
{
//get user info from session
}
要啟動用戶會話:
session_start();
要將參數添加到該會話:
$_SESSION['parameter'] = $parameter;
要獲取該參數:
$getParameter = $_SESSION['parameter'];
因此,請確保您放置session_start();
在任何輸出到頁面之前(在打印任何內容之前):
if ( $row['membership'] == 'Officer' || $row['membership'] == 'Member' )
{
session_start();
$_SESSION['membership'] = $row['membership'];
include('memberdir/index.php');
//or header("Location: http://localhost/memberdir/index.php");
}
因此,在您的成員文件中向您顯示特定用戶(或僅一個用戶,沒有任何區別),請檢查session參數是否存在以及如何處理:
if (isset($_SESSION['membership'])) {
//membership parameter is set
if($_SESSION['membership'] == 'Officer') {
echo "Hey, your membership is Officer, here is your page";
} else if ($_SESSION['membership'] == 'Member') {
echo "Hey your membership is Member, here is your page";
}
}
這應該可以幫助您了解基礎知識,並且可以從那里開始。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.