LOGINPAGE.html:这是用户输入用户名和密码的地方。PHP方法是POST。
<html>
<head>
<title>
LOG IN
</title>
<style>
body {
text-align: center;
}
</style>
</head>
<body>
<form action = "loginDatabase.php" method = "POST">
<label>User name:</label>
<input type="text" id="userNameID" name="userNameName" required>
<br />
<label>Password:</label>
<input type="password" id="passwordID" name="passwordName" required>
<br />
<input type="submit" id="submitLoginID" name="submitLoginName">
</form>
</body>
</html>
LOGINDATABASE.php:这是一个处理部分,mysql查询将根据LOGINPAGE.php上给定的用户名引用要在ADMINPAGE..php上显示的记录。我无法确定第7行中的want出错,因为我总是收到错误通知:第7行上的/opt/lamp/htdocs/UsersDatabaseProgram/loginDatabase.php中的未定义索引:userNameName
<?php
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
include('connect.php');
session_start();
$result = mysqli_query($con, "SELECT * FROM addUsers WHERE userName = '" . $_GET['userNameName'] . "'");
if ($_SERVER ["REQUEST_METHOD"] == "POST") {
$userName = $_POST['userNameName'];
$password = $_POST['passwordName'];
/*
This doesnt work
$email = $row['email'];
$userlevel = $row['userLevel'];
*/
$sql = "SELECT * FROM addUsers WHERE userName = '".$userName."' AND password = '".$password."'";
$result = mysqli_query($con, $sql);
$row = mysqli_fetch_array($result);
$count = mysqli_num_rows($result);
if ($row["userLevel"] == "user") {
$_SESSION["userName"] = $userName;
header('location: userPage.php');
} elseif ($row["userLevel"] == "admin") {
$_SESSION["userName"] = $userName;
header('location: adminPage.php');
} else {
echo "<h1> Login failed. Invalid username or password.</h1>";
}
}
?>
ADMINPAGE.php:这是显示用户名称、用户级别和用户状态的位置。
<?php
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
include('connect.php');
include('loginDatabase.php');
?>
<html>
<head>
<style>
body {
text-align: center;
}
</style>
</head>
<body>
<h2>Admin</h2>
<a href = "logOut.php">Log-out</a> <br />
<a href = "viewRecords.php">View records</a> <br />
<a href = "addUsers.html">Add Record</a> <br />
<label>Welcome</label><br />
<?php echo $_SESSION["userName"] ?>
<br />
<label>User level: </label>
<?php
while ($row = mysqli_fetch_array($result)) {
?>
<input type = "text" name = "userLevelName" value = " <?php echo $row['userLevel']; ?>"> <br />
<label>Email: </label>
<input type = "text" name = "userEmailName" value = " <?php echo $row['email']; ?>">
<?php
}
?>
<br />
</body>
</html>
您将以POST的形式发送数据,然后尝试以GET的形式访问它(然后在第11行再次检索它!!)。
把它改成这样:-
if ($_SERVER ["REQUEST_METHOD"] == "POST") {
$userName = $_POST['userNameName'];
$password = $_POST['passwordName'];
}
$result = mysqli_query($con, "SELECT * FROM addUsers WHERE userName = '$userName'");