php 如何在php中使用管理员和用户制作登录表单
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/22340304/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
提示:将鼠标放在中文语句上可以显示对应的英文。显示中英文
时间:2020-08-25 04:50:47 来源:igfitidea点击:
How to make login form with admin and user in php
提问by vanesa
i want to make log-in form with admin and user, but i can't use the session_start() because it always make my variable undefined and it doesn't show any result. is there anybody who can help me? thanks in advance here is my code:
我想用管理员和用户制作登录表单,但我不能使用 session_start() 因为它总是使我的变量未定义并且不显示任何结果。有人可以帮助我吗?预先感谢这是我的代码:
<html>
<body>
<?php
mysql_connect( "localhost" , "admin" , "123") or die(mysql_error());
mysql_select_db("minimart_database") or die(mysql_error());
?>
<form id="home_id" method ="POST" enctype ="multipart/form-data">
<script>
function submitForm(action)
{
document.getElementById('home_id').action=action;
document.getElementById('home_id').submit();
}
</script>
<p align = right> Username: <input type ="text" name ="user" placeholder="Enter username">
<p align = right> Password: <input type ="password" name ="pass" placeholder="Enter password">
<input type="submit" value="login" name="submit"
<?php
mysql_connect( "localhost" , "admin" , "123") or die(mysql_error());
mysql_select_db("minimart_database") or die(mysql_error());
?>
<?php
$user=$_POST['user'];
$pass=$_POST['pass'];
$user=stripslashes('$user');
$pass=stripslashes('$pass');
$user=mysql_real_escape_string('$user');
$pass=mysql_real_escape_string('$pass');
$query="SELECT * FROM account WHERE username='$user' AND password='$pass'";
$result=mysql_query($query);
$count=mysql_num_rows($result);
$row=mysql_fetch_array($result);
if (isset($_POST['submit']))
if ($count==1){
session_start();
$session("user");
$session("pass") ;
if ($row['usertype']==0){
header("location:admin_home.php");
echo ("you logged in as admin");
}
elseif ($row['usertype']==1) {
header("location:cashier_home.php");
echo ("you logged in as cashier");
}
else {
echo "invalid password and username";
}
}
?>
</body>
</html>
here is my updated code and the complete code for the whole form :
这是我更新的代码和整个表单的完整代码:
<html>
<body>
<?php
mysql_connect( "localhost" , "admin" , "123") or die(mysql_error());
mysql_select_db("minimart_database") or die(mysql_error());
?>
<form id="home_id" method ="POST" enctype ="multipart/form-data">
<script>
function submitForm(action)
{
document.getElementById('home_id').action=action;
document.getElementById('home_id').submit();
}
</script>
<p align = right> Username: <input type ="text" name ="user" placeholder="Enter username">
<p align = right> Password: <input type ="password" name ="pass" placeholder="Enter password">
<input type="submit" value="login" name="submit" >
<?php
if (isset($_POST['submit'])){
$user=$_POST['user'];
$pass=$_POST['pass'];
$user=stripslashes('$user');
$pass=stripslashes('$pass');
$user=mysql_real_escape_string('$user');
$pass=mysql_real_escape_string('$pass');
$query="SELECT * FROM account WHERE username='$user' AND password='$pass'";
$result=mysql_query($query);
$count=mysql_num_rows($result);
if ($count==1){
session_start();
$_SESSION["user"]=$user;
$_SESSION["pass"]=$pass ;
$row=mysql_fetch_array($result);
if ($row['usertype']==0){
header("location:admin_home.php");
echo ("you logged in as admin");
}
elseif ($row['usertype']==1) {
header("location:cashier_home.php");
echo ("you logged in as cashier");
}
else {
echo "invalid password and username";
}
}
}
?>
<p align=left><input type="text" name="search" placeholder="enter barcode or item name"><input type="submit" name="searched" onclick="submitForm('finalhome.php')">
<?php
$output="";
if (isset($_POST['search'])){
$searchq=$_POST['search'];
$searchq=mysql_real_escape_string($searchq);
$order="SELECT * FROM stock WHERE barcode LIKE '%$searchq' OR itemname LIKE '%$searchq'";
$result=mysql_query($order);
$count=mysql_num_rows($result);
if ($count>=1){
while($row=mysql_fetch_array($result)){
$barcode=$row['barcode'];
$itemname=$row['itemname'];
$description=$row['description'];
$amount=$row['amount'];
$stocks=$row['stocks'];
$location=$row['location'];
}
$output="<div>'.$barcode.' '.$itemname.' '.$description.' '.$amount.' '.$stocks.' '.$location.' </div>";
}
else
{
$output='no results';
}
}
?>
<table border=5 align=center >
<tr><th>Barcode </th><th>Item name </th><th>Description</th><th>Amount</th><th>Stock</th><th>Location</th>
</tr>
<tr><td>$_POST['$barcode']</td><td>$_POST['$itemname']</td><td>S_POST['$description']</td><td>$_POST['$amount']</td><td>$_POST['$stock']</td><td>$_POST['$location</td></tr>
</table>
<?php print("$output"); ?>
</body>
</html>
the problem now, when the user log-in it doesn't go to admin_home.php or to the cashier_home.php. when i click log-in button, it shows the search data.
现在的问题是,当用户登录时,它不会转到 admin_home.php 或 cashier_home.php。当我单击登录按钮时,它会显示搜索数据。
here is the code for my admin_home.php:
这是我的 admin_home.php 的代码:
<?php
session_start();
if (isset[$_SESSION['user']=$user) || (isset[$_SESSION['pass']=$pass ){
echo "success login"; }
?>
回答by kraysak
the problem seems to be in those lines:
问题似乎出在这些行中:
$session("user");
$session("pass") ;
in session_start()you will see that those lines are wrong, it should be
在session_start()你会看到那些行是错误的,应该是
$_SESSION["user"]=$user;
$_SESSION["pass"]=$pass ;
please, test this code (it shoul work, i hope ;) )
请测试此代码(它应该可以工作,我希望;))
<html>
<body>
<form id="home_id" method="POST" action="<?php echo $_SERVER[PHP_SELF]?>">
<script>
function submitForm(action)
{
document.getElementById('home_id').action=action;
document.getElementById('home_id').submit();
}
</script>
<p align = right> Username: <input type ="text" name ="user" placeholder="Enter username">
<p align = right> Password: <input type ="password" name ="pass" placeholder="Enter password">
<input type="submit" value="login" name="submit" >
</body>
</html>
<?php
if (isset($_POST['submit'])){
mysql_connect( "localhost" , "admin" , "123") or die(mysql_error());
mysql_select_db("minimart_database") or die(mysql_error());
$user=$_POST['user'];
$pass=$_POST['pass'];
$user=stripslashes('$user');
$pass=stripslashes('$pass');
$user=mysql_real_escape_string('$user');
$pass=mysql_real_escape_string('$pass');
$query="SELECT * FROM account WHERE username='$user' AND password='$pass'";
$result=mysql_query($query) or die ("error: ".mysql_error());
if (mysql_num_rows($result)==1){
session_start();
$_SESSION["user"]=$user;
$_SESSION["pass"]=$pass ;
$row=mysql_fetch_array($result);
if ($row['usertype']==0){
header("location:admin_home.php");
}
elseif ($row['usertype']==1) {
header("location:cashier_home.php");
}
}
else
echo "invalid password and username";
}//from isset(submit)
?>
debugg..
调试..
if (mysql_num_rows($result)==1){
echo "only 1 record in database";
session_start();
$_SESSION["user"]=$user;
$_SESSION["pass"]=$pass ;
$row=mysql_fetch_array($result);
if ($row['usertype']==0){
echo "admin user";
}
elseif ($row['usertype']==1) {
echo "normal user";
}
}
else
echo "invalid password and username";
