我正在尝试登录管理员和用户,但为什么它没有获得管理员页面? 你能帮我解决这个问题吗?. 因为它只显示索引.php登录时。
<?php
session_start();
include('connect.php');
$emailaddress = $_POST['emailaddress'];
$password = md5($_POST['password']);
$search = mysql_query("SELECT * FROM users WHERE email='".$emailaddress."' AND password='".$password."' AND active='1'") or die(mysql_error());
$match = mysql_num_rows($search);
if($match){
$_SESSION["email"] = $emailaddress;
$_SESSION["password"] = $password;
$_SESSION["firstname"] = mysql_result($search,0,"fname");
$_SESSION["lastname"] = mysql_result($search,0,"lname");
header('Location: index.php');
$msg = 'Login Complete! Thanks';
}
elseif ($match) {
$_SESSION["emailaddress"] == 'admin@iva.com';
$_SESSION["password"] == 'password';
header('Location: admin.php');
$msg = 'Login Complete! Thanks';
}
else{
$msg = 'Login Failed! Please make sure that you enter the correct details and that you have activated your account.';
}
你能帮我这个家伙吗?...
首先,您必须管理所有用户的角色。 例如,您必须在用户表中添加user_role列,并在新用户注册时插入用户角色。在这里,我们认为user_role管理员用户是管理员,其他用户是normal_user。现在使用以下代码更改您的代码。
<?php
session_start();
include('connect.php');
$emailaddress = $_POST['emailaddress'];
$password = md5($_POST['password']);
$search = mysql_query("SELECT * FROM users WHERE email='".$emailaddress."' AND password='".$password."' AND active='1' AND user_role != 'admin'") or die(mysql_error());
$match = mysql_num_rows($search);
if($match){
$_SESSION["email"] = $emailaddress;
$_SESSION["password"] = $password;
$_SESSION["firstname"] = mysql_result($search,0,"fname");
$_SESSION["lastname"] = mysql_result($search,0,"lname");
header('Location: index.php');
$msg = 'Login Complete! Thanks';
}
elseif ($match) {
$_SESSION["emailaddress"] == 'admin@iva.com';
$_SESSION["password"] == '36dada69c95e116a59f57552dcf9032d';
header('Location: admin.php');
$msg = 'Login Complete! Thanks';
}
else{
$msg = 'Login Failed! Please make sure that you enter the correct details and that you have activated your account.';
}
?>
希望这对你有用!