我想让登录表单与管理员和用户,但我不能使用session_start(),因为它总是使我的变量未定义,它不显示任何结果。有人能帮我吗?谢谢提前这是我的代码:
<html>
<body>
<?php
mysql_connect( "localhost" , "admin" , "123") or die(mysql_error());
mysql_select_db("minimart_database") or die(mysql_error());
?>
<form id="home_id" method ="POST" enctype ="multipart/form-data">
<script>
function submitForm(action)
{
document.getElementById('home_id').action=action;
document.getElementById('home_id').submit();
}
</script>
<p align = right> Username: <input type ="text" name ="user" placeholder="Enter username">
<p align = right> Password: <input type ="password" name ="pass" placeholder="Enter password">
<input type="submit" value="login" name="submit"
<?php
mysql_connect( "localhost" , "admin" , "123") or die(mysql_error());
mysql_select_db("minimart_database") or die(mysql_error());
?>
<?php
$user=$_POST['user'];
$pass=$_POST['pass'];
$user=stripslashes('$user');
$pass=stripslashes('$pass');
$user=mysql_real_escape_string('$user');
$pass=mysql_real_escape_string('$pass');
$query="SELECT * FROM account WHERE username='$user' AND password='$pass'";
$result=mysql_query($query);
$count=mysql_num_rows($result);
$row=mysql_fetch_array($result);
if (isset($_POST['submit']))
if ($count==1){
session_start();
$session("user");
$session("pass") ;
if ($row['usertype']==0){
header("location:admin_home.php");
echo ("you logged in as admin");
}
elseif ($row['usertype']==1) {
header("location:cashier_home.php");
echo ("you logged in as cashier");
}
else {
echo "invalid password and username";
}
}
?>
</body>
</html>
下面是我更新的代码和整个表单的完整代码:
<html>
<body>
<?php
mysql_connect( "localhost" , "admin" , "123") or die(mysql_error());
mysql_select_db("minimart_database") or die(mysql_error());
?>
<form id="home_id" method ="POST" enctype ="multipart/form-data">
<script>
function submitForm(action)
{
document.getElementById('home_id').action=action;
document.getElementById('home_id').submit();
}
</script>
<p align = right> Username: <input type ="text" name ="user" placeholder="Enter username">
<p align = right> Password: <input type ="password" name ="pass" placeholder="Enter password">
<input type="submit" value="login" name="submit" >
<?php
if (isset($_POST['submit'])){
$user=$_POST['user'];
$pass=$_POST['pass'];
$user=stripslashes('$user');
$pass=stripslashes('$pass');
$user=mysql_real_escape_string('$user');
$pass=mysql_real_escape_string('$pass');
$query="SELECT * FROM account WHERE username='$user' AND password='$pass'";
$result=mysql_query($query);
$count=mysql_num_rows($result);
if ($count==1){
session_start();
$_SESSION["user"]=$user;
$_SESSION["pass"]=$pass ;
$row=mysql_fetch_array($result);
if ($row['usertype']==0){
header("location:admin_home.php");
echo ("you logged in as admin");
}
elseif ($row['usertype']==1) {
header("location:cashier_home.php");
echo ("you logged in as cashier");
}
else {
echo "invalid password and username";
}
}
}
?>
<p align=left><input type="text" name="search" placeholder="enter barcode or item name"><input type="submit" name="searched" onclick="submitForm('finalhome.php')">
<?php
$output="";
if (isset($_POST['search'])){
$searchq=$_POST['search'];
$searchq=mysql_real_escape_string($searchq);
$order="SELECT * FROM stock WHERE barcode LIKE '%$searchq' OR itemname LIKE '%$searchq'";
$result=mysql_query($order);
$count=mysql_num_rows($result);
if ($count>=1){
while($row=mysql_fetch_array($result)){
$barcode=$row['barcode'];
$itemname=$row['itemname'];
$description=$row['description'];
$amount=$row['amount'];
$stocks=$row['stocks'];
$location=$row['location'];
}
$output="<div>'.$barcode.' '.$itemname.' '.$description.' '.$amount.' '.$stocks.' '.$location.' </div>";
}
else
{
$output='no results';
}
}
?>
<table border=5 align=center >
<tr><th>Barcode </th><th>Item name </th><th>Description</th><th>Amount</th><th>Stock</th><th>Location</th>
</tr>
<tr><td>$_POST['$barcode']</td><td>$_POST['$itemname']</td><td>S_POST['$description']</td><td>$_POST['$amount']</td><td>$_POST['$stock']</td><td>$_POST['$location</td></tr>
</table>
<?php print("$output"); ?>
</body>
</html>
现在的问题,当用户登录它不去admin_home.php或cashier_home.php。当我点击登录按钮时,它会显示搜索数据。
下面是我的admin_home.php代码:<?php
session_start();
if (isset[$_SESSION['user']=$user) || (isset[$_SESSION['pass']=$pass ){
echo "success login"; }
?>
问题似乎在这几行:
$session("user");
$session("pass") ;
在session_start()中你会看到那些行是错误的,它应该是
$_SESSION["user"]=$user;
$_SESSION["pass"]=$pass ;
请测试这段代码(它应该工作,我希望;))
<html>
<body>
<form id="home_id" method="POST" action="<?php echo $_SERVER[PHP_SELF]?>">
<script>
function submitForm(action)
{
document.getElementById('home_id').action=action;
document.getElementById('home_id').submit();
}
</script>
<p align = right> Username: <input type ="text" name ="user" placeholder="Enter username">
<p align = right> Password: <input type ="password" name ="pass" placeholder="Enter password">
<input type="submit" value="login" name="submit" >
</body>
</html>
<?php
if (isset($_POST['submit'])){
mysql_connect( "localhost" , "admin" , "123") or die(mysql_error());
mysql_select_db("minimart_database") or die(mysql_error());
$user=$_POST['user'];
$pass=$_POST['pass'];
$user=stripslashes('$user');
$pass=stripslashes('$pass');
$user=mysql_real_escape_string('$user');
$pass=mysql_real_escape_string('$pass');
$query="SELECT * FROM account WHERE username='$user' AND password='$pass'";
$result=mysql_query($query) or die ("error: ".mysql_error());
if (mysql_num_rows($result)==1){
session_start();
$_SESSION["user"]=$user;
$_SESSION["pass"]=$pass ;
$row=mysql_fetch_array($result);
if ($row['usertype']==0){
header("location:admin_home.php");
}
elseif ($row['usertype']==1) {
header("location:cashier_home.php");
}
}
else
echo "invalid password and username";
}//from isset(submit)
?>
debugg . .
if (mysql_num_rows($result)==1){
echo "only 1 record in database";
session_start();
$_SESSION["user"]=$user;
$_SESSION["pass"]=$pass ;
$row=mysql_fetch_array($result);
if ($row['usertype']==0){
echo "admin user";
}
elseif ($row['usertype']==1) {
echo "normal user";
}
}
else
echo "invalid password and username";