这是我用php编写的第一段代码,我遵循教程。我希望此代码选择权限表中的所有字段,并检查登录用户的ID及其访问级别但访问级别不会随着每个用户登录而改变
我在两个表之间使用关系,它们是:特权表
+----------------------------------+
| AccessLevel | logi_id | pre_id |
|----------------------------------|
| 1 | 1 | 1 |
| 2 | 1 | 2 |
| 4 | 2 | 4 |
+----------------------------------+
这是login_pre表:
+----------------------------------+
| username| userpass | login_id |
|----------------------------------|
| a | 123 | 1 |
| a | 123 | 1 |
| b | 1234 | 2 |
+----------------------------------+
这是访问页面:
<?php
ob_start();
session_start();
include 'C:'xampp'htdocs'database'agtdatabase'agt_site'connection'connect.php';
$query ="SELECT * FROM privilege " ;
$result = mysqli_query($link,$query) or die('');
while($row = mysqli_fetch_array($result, MYSQLI_ASSOC))
{
$access = $row['AccessLevel'];
echo $access; //result 124 in database
}
if(isset($_SESSION['sessionloginid']))// point to id of user logged in
{
echo $_SESSION['sessionaccess']=$access;// "that is print wrong result " access level doesn't change based on user logged in
echo $_SESSION['sessionloginid'];
}
ob_end_flush();
?>
这是登录页面:
$username = $_POST['username'];
$userpass = $_POST['userpass'];
$loginid = $_POST['login_id'];
if($username && $userpass )
{
$finduser = mysqli_query($link,"SELECT * FROM login_pre WHERE username = '".$username."' AND userpass = '".$userpass."'") or die("error");
if(mysqli_num_rows($finduser) !=0)
{
while($row = mysqli_fetch_array($finduser))
{$uname = $row['username'];
$upass = $row['userpass'];
$uloginid = $row['login_id'];
}
}
if($username == $uname && $userpass == $upass )
{
$_SESSION['sessionname'] =$uname;
$_SESSION['sessionpass'] =$upass;
$_SESSION['sessionloginid'] =$uloginid;
echo $_SESSION['sessionloginid'];//result 124 of users
}else header("location: login2.php");
ob_end_flush();
您的查询需要修改。添加一个条件以检索与当前$_SESSION['sessionloginid']
匹配的access level
条件。试试这个:
<?php
if(isset($_SESSION['sessionloginid']))// point to id of user logged in
{
$query ="SELECT * FROM privilege where logi_id='".$_SESSION['sessionloginid']."'" ;
$result = mysqli_query($link,$query) or die('');
while($row = mysqli_fetch_array($result, MYSQLI_ASSOC))
{
$access = $row['AccessLevel'];
echo $_SESSION['sessionaccess']=$access;
echo $_SESSION['sessionloginid'];
}
}
ob_end_flush();
?>