我希望能够在用户"admin"登录时显示编辑按钮。这是我的登录页面代码:
<?PHP
$uname = "";
$pword = "";
$errorMessage = "";
//==========================================
// ESCAPE DANGEROUS SQL CHARACTERS
//==========================================
function quote_smart($value, $handle) {
if (get_magic_quotes_gpc()) {
$value = stripslashes($value);
}
if (!is_numeric($value)) {
$value = "'" . mysql_real_escape_string($value, $handle) . "'";
}
return $value;
}
if ($_SERVER['REQUEST_METHOD'] == 'POST'){
$uname = $_POST['username'];
$pword = $_POST['password'];
$uname = htmlspecialchars($uname);
$pword = htmlspecialchars($pword);
//==========================================
// CONNECT TO THE LOCAL DATABASE
//==========================================
$user_name = "root";
$pass_word = "Newpass123#";
$database = "seatmapping";
$server = "localhost";
$db_handle = mysql_connect($server, $user_name, $pass_word);
$db_found = mysql_select_db($database, $db_handle);
if ($db_found) {
$uname = quote_smart($uname, $db_handle);
$pword = quote_smart($pword, $db_handle);
$SQL = "SELECT * FROM userauth WHERE username = $uname AND pswd = md5($pword)";
$result = mysql_query($SQL);
$username = $_SESSION['username'];
$num_rows = mysql_num_rows($result);
//====================================================
// CHECK TO SEE IF THE $result VARIABLE IS TRUE
//====================================================
if ($result) {
if ($num_rows > 0) {
session_start();
$_SESSION['login'] = "1";
header ("Location: main.php");
}
else {
$errorMessage = "Invalid username/password.";
}
}
else {
$errorMessage = "Error logging on.";
}
mysql_close($db_handle);
}
else {
$errorMessage = "Error logging on.";
}
}
?>
下面是一个 ajax 脚本,当用户"admin"登录时,它应该显示编辑按钮。不过我无法让它工作。请感谢任何帮助。提前谢谢你。
<?php
session_start();
$q = intval($_GET['q']);
$con = mysql_connect('localhost','root','Newpass123#','seatmapping');
if (!$con){
die('Could not connect: ' . mysql_error());
}
mysql_select_db('seatmapping');
$sql="SELECT name, seatid FROM seats WHERE seatid = ".$q;
$result = mysql_query($sql) or die("Query Error " . mysql_error());
echo "<table class='box'>
<tr>
<th>Name</th>
<th>Seat Number</th>
</tr>";
while($row = mysql_fetch_array($result))
{
echo "<tr>";
echo "<td>" . $row['name'] . "</td>";
echo "<td>" . $row['seatid'] . "</td>";
if ($_SESSION['username'] == 'admin'){
echo "<td><a>Edit</a></td>";
}
echo "</tr>";
}
echo "</table>";
mysql_close($con);
?>
如果问题或代码中仍有不足之处,请随时说出来。 :)
而不是$_SESSION['username']
,
您应该使用$uname
来检查用户名,并将第一个文件包含在顶部的第二个文件中,例如:
include 'filename.php';
为管理员用户
添加不同的部分比如 $_SESSION['admin_user']
然后检查管理部分是否处于活动状态;
如果处于活动状态,则显示编辑按钮