我通过内爆将值添加到user_privilege列中,包括用户的权限 ( 7gz,agt_courses,newbill,new_Trainee)=> 它们中的每一个在用户许可下真实打开(例如:newbill页面)或不打开在数据库中"登录"表中user_privilege列中换句话说,我想检查用户登录他的权限,如果它有说新账单权限,他可以打开新账单页面,如果没有,他无法打开这个页面。
数据库中的登录表如下所示:
**username username2 user_privilege**
amal amal 7gz,agt_courses,newbill
ahmed ahmed dataDisplay,previllige,newUsers
$username = $_POST['username'];
$username2 = $_POST['username2'];
if($username && $username2)
{
$finduser = mysqli_query($link,"SELECT * FROM LOGIN
WHERE username='".$username."' AND username2='".$username2."' AND FIND_IN_SET('Customers', user_previllige)") or die("error");
if(mysqli_num_rows($finduser) !=0)
{
while($row = mysqli_fetch_array($finduser))
{$uname = $row['username'];
$uname2 = $row['username2'];}
}
if($username == $uname && $username2 == $uname2 )
{$_SESSION['sessionname'] =$uname;
$_SESSION['sessionname2'] =$uname2;
header ("location:../customers/cutomer.php");}
else echo '<script>function
{alert(you have not permission to open this page)}</script>';
}
任何身体帮助我吗?
function check($sPermission, $sColumnValue)
{
$aPerm = explode(',', $sColumnValue);
return (!empty($aPerm) && in_array($sPermission, $aPerm));
}
我希望您知道如何从数据库中选择数据,因此调用将如下所示:
check('newbill', '7gz,agt_courses,newbill');