我使用了这段代码,但当我以雇主身份登录时,它一直在获取管理员的会话。我知道我的条件语句是错误的,我该怎么办?
if ($username&&$password)
{
$query = mysqli_query($link,"select * from login where UserId = '$username'");
$numrows = mysqli_num_rows($query);
if ($numrows!==0)
{
while($row = mysqli_fetch_assoc($query))
{
$dbusername = $row['UserId'];
$dbpassword = $row['Password'];
$dbprivileges = $row['Privileges'];
}
if($username==$dbusername&&$password==$dbpassword)
{
//admin home page
if($dbprivileges=="Admin")
{
@$_SESSION['admin'] = $username;
header('Location:hris_admin_index.php');
}
//company home page
elseif($dbprivileges=="Company")
{
@$_SESSION['employer'] = $username;
header('Location:hris_company_index.php');
}
//employee home page
else
{
@$_SESSION['employee'] = $username;
header('Location:hris_employee_index.php');
}
试试这个,但也要记住添加session_start()
:
if ($username && $password)
{
$query = mysqli_query($link, "SELECT * FROM login");
while($row = mysqli_fetch_assoc($query))
{
$dbusername = $row['UserId'];
$dbpassword = $row['Password'];
$dbprivileges = $row['Privileges'];
if($username == $dbusername && $password == $dbpassword)
{
//admin home page
if($dbprivileges == "Admin")
{
@$_SESSION['admin'] = $username;
header('Location:hris_admin_index.php');
}
//company home page
elseif($dbprivileges == "Company")
{
@$_SESSION['employer'] = $username;
header('Location:hris_company_index.php');
}
//employee home page
elseif($dbprivileges == "Employee")
{
@$_SESSION['employee'] = $username;
header('Location:hris_employee_index.php');
}
}