如何将会话用于我的登录屏幕 - How do I use a session for my login screen?

我正在创建一个网上商店，我的登录工作，但我遇到了问题。我需要使用会话来显示和隐藏某些页面。这是我网上商店后端的登录屏幕，因此应该对不允许访问后端的人进行保护和隐藏是有道理的。我知道我需要在页面顶部开始一个会话但是呢？我搜索了谷歌，但我找不到可以应用于我的代码的解决方案。

<?php
session_start();
*my information*
// Create connection
$conn = new mysqli($dbhost, $dbuser, $dbpass, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
if(isset($_POST['submit'])) {
$uname = $_POST['username'];
$wwoord = $_POST['wachtwoord'];
$query = "SELECT * FROM Medewerkers WHERE medewerker_username='$uname' && medewerker_password='$wwoord'";
$result = mysqli_query($conn, $query);
if($result) {
    $_SESSION['ingelogd'] = true;
    echo"U bent ingelogd!";
    header("location: index.php");
} else {
    echo "Inloggegevens incorrect.";
}
}
?>
<html lang="en"><head>
<meta charset="UTF-8">
<title>Admin panel</title>
<link rel="stylesheet" type="text/css" href="tables.css">
</head>
<body>
<div id="content">
<ul>
<li><a href="index.php">Admin panel</a></li>
<li><a href="Medewerkersoverzicht.php">Medewerkersoverzicht</a></li>
<li><a href="addMedewerker.php">Medewerkers toevoegen</a></li>
<li><a href="Klantenoverzicht.php">Klantenoverzicht</a></li>
<li><a href="Productoverzicht.php">Productoverzicht</a></li>
<li><a href="addProduct.php">Product toevoegen</a></li>
<li><a href="reparatieOverzicht.php">Reparatieoverzicht</a></li>
<li><a href="contactoverzicht.php">Contactoverzicht</a></li>
</ul>
<h1>Admin login</h1>
<form role="form" method="post" action="index.php" class="contactForm">
    <table>
        <tr>
            <td><label for="username">Username</label></td>
            <td><input type="text" name="username" class="" id="username">      <br><br></td>
        </tr>
        <tr>
            <td><label for="wachtwoord">Wachtwoord</label></td>
            <td><input type="password" name="wachtwoord" class=""    id="wachtwoord"><br><br></td>
        </tr>
        <tr>
            <td><button type="submit" name="submit" class="button">Inloggen</button><br></td>
        </tr>
    </table>
</form>
</div>
</html>

会话启动后，检查会话变量是否存在 - 如果它已经存在，则重定向用户。

<?php
if( !isset( $_SESSION ) ) session_start();
/* if the session already exists, redirect user */
if( isset( $_SESSION['ingelogd'] ) ) header("location: index.php");
/* don't echo content outwith the document body ~ other than suitable head content */
$msg='';
$conn = new mysqli( $dbhost, $dbuser, $dbpass, $dbname );
if ( $conn->connect_error ) die("Connection failed");/* don't reveal too much information about db ! */

if( isset( $_POST['submit'] ) ) {
    $uname = $_POST['username'];
    $wwoord = $_POST['wachtwoord'];
    $query = "SELECT * FROM Medewerkers WHERE medewerker_username='$uname' && medewerker_password='$wwoord'";
    /* best practise: don't mix OO & procedural code */
    $result = $conn->query( $query );
    if( $result ) {
        $_SESSION['ingelogd'] = true;
        header("location: index.php");
    } else {
        /* assign error message as a variable to echo later */
        $msg="Inloggegevens incorrect.";
    }
    $conn->close();
}
?>
<html lang="en">
    <head>
        <meta charset="UTF-8">
        <title>Admin panel</title>
        <link rel="stylesheet" type="text/css" href="tables.css">
    </head>
    <body>
        <div id="content">
            <ul>
                <li><a href="index.php">Admin panel</a></li>
                <li><a href="Medewerkersoverzicht.php">Medewerkersoverzicht</a></li>
                <li><a href="addMedewerker.php">Medewerkers toevoegen</a></li>
                <li><a href="Klantenoverzicht.php">Klantenoverzicht</a></li>
                <li><a href="Productoverzicht.php">Productoverzicht</a></li>
                <li><a href="addProduct.php">Product toevoegen</a></li>
                <li><a href="reparatieOverzicht.php">Reparatieoverzicht</a></li>
                <li><a href="contactoverzicht.php">Contactoverzicht</a></li>
            </ul>
            <h1>Admin login</h1>
            <?php
                echo $msg;/* error message */
            ?>
            <form role="form" method="post" action="index.php" class="contactForm">
                <table>
                    <tr>
                        <td><label for="username">Username</label></td>
                        <td><input type="text" name="username" class="" id="username"><br><br></td>
                    </tr>
                    <tr>
                        <td><label for="wachtwoord">Wachtwoord</label></td>
                        <td><input type="password" name="wachtwoord" class="" id="wachtwoord"><br><br></td>
                    </tr>
                    <tr>
                        <td><button type="submit" name="submit" class="button">Inloggen</button><br></td>
                    </tr>
                </table>
            </form>
        </div>
    </body>
</html>

只是将萨瓦利亚的评论@Divyesh代码中。

<?php session_start(); ?>
<?php if(isset($_SESSION['ingelogd'])){ ?>
// ... the rest of your code in index.php
<?php } else {
header('location: login.php'); // if your login page is login.php
}?>

实际上，由于登录失败时不会填充会话，因此最好在会话中存储有关用户的一些信息（例如用户名或用户 ID）并使用 isset 进行检查，而不是在会话中存储布尔值。稍后将需要此值。