Hi在php中开发了一个管理员登录-用户登录页面,当我以管理员身份登录时,它非常完美,当我作为用户登录时,屏幕上总是显示相同的用户名,但数据库中的用户名始终不同
这是我的代码
login.php
<?php
include('conn.php');
if (isset($_POST['submit'])){
$UserName=$_POST['user'];
$PassWord=$_POST['pass'];
//echo $UserName;
//echo $PassWord;
$sql = "SELECT role from login WHERE username='$UserName'and password='$PassWord'";
//$sql=mysql_query("select usertype from login where username='$UserType' and password='$Password'")or die (mysql_error());//query sang database
$retval = mysql_query($sql);
if(! $retval )
{
die('Could not get data: ' . mysql_error());
}
while($row = mysql_fetch_array($retval, MYSQL_ASSOC))
{
session_start();
$_SESSION["user"]=$UserName;
$_SESSION["pass"]=$PassWord ;
$_SESSION['role']=$row['role'];
$_SESSION['eid']=$row['eid'];
if ($row['role']==0){
header("location:admin.php");
}
elseif ($row['role']==1) {
header("location:testing.php");
}
}
}
echo "Invalid User Name and Password'n";
?>
Testing.php
<?php
include('conn.php');
session_start();
if (!isset($_SESSION['role'])){
header('location:index.php');
}
//
?>
<a href="logout.php">logout</a>
</br>
</br>
<?php
//mag show sang information sang user nga nag login
$role=$_SESSION['role'];
$eid=$_SESSION['eid'];
$result=mysql_query("select * from login where role='$role'")or die(mysql_error);
$row=mysql_fetch_array($result);
$UserName=$row['username'];
echo $UserName;
?>
我的问题是,当我以用户身份登录时,用户名应该打印在屏幕上
我如何才能实现我的目标
提前感谢
$result=mysql_query("select * from login where role='$role'")or die(mysql_error);
无论是什么,此查询都只显示第一个用户
您已经在会话中存储了用户名,所以只需回显
$_SESSION['user'];
您将获得已登录的用户名
<?php
include('conn.php');
session_start();
if (!isset($_SESSION['role'])){
header('location:index.php');
}
//
?>
<a href="logout.php">logout</a>
</br>
</br>
<?php
//mag show sang information sang user nga nag login
echo $_SESSION['user'];
?>
进入您的login.php代码
您需要通过在查询中添加eid来更新查询
$sql = 'SELECT role, eid from login WHERE username = "'.mysql_real_escape_string($UserName).'" AND password = "'.mysql_real_escape_string($PassWord).'" ';
如果找到用户,您可以将eid和角色存储到会话中,并且never将密码存储到会话。
$query = mysql_query($sql) or die('Database error -> ' . mysql_error());
if(mysql_num_rows($query)>0){
$row = mysql_fetch_array($query)
$_SESSION['userName'] = $row['username'];
}
进入您的Testing.php代码
你不需要再去你的数据库,只需检查你的会话即可获得
echo $_SESSION['userName'];