我的会话有问题,我的应用程序中有一项功能,需要两种不同类型的用户登录,一种是Admin,这意味着他可以尽一切可能在应用程序内,另一个是编辑器,他只能做几件事。会话不能正常工作,互相重叠
我的问题是,会议似乎是相互重叠,我登录管理员和会议信息是从编辑器。
继承人从管理我的登录:
<!---Login PHP--->
<?php
if(isset($_POST['btn-login'])) {
$email = $_POST['email'];
$senha = $_POST['senha'];
$Error = false;
if (empty($email)) {
$Error= true;
$error = "Preencha o email.";
}
if (empty($senha)) {
$Error = true;
$error2 = "Preencha a senha.";
}
if($email) {
$sql = "SELECT email FROM admin WHERE email = '$email'";
$stmt = $conn->prepare($sql);
$stmt->execute();
$cout = $stmt->rowCount();
//echo "Email - ".$cout;
}
if($senha) {
$sql = "SELECT senha FROM admin WHERE email = '$email'";
$stmt = $conn->prepare($sql);
$stmt->execute();
$cout = $stmt->rowCount();
if($cout == 1) {
//echo "<br>Password - ".$cout;
$hashed = $stmt->fetch(PDO::FETCH_ASSOC);
//echo "<br>Password HASHED - ".$hashed['senha'];
$hashed_pass = $hashed['senha'];
}
}
if (!empty($email) && !empty($senha) && filter_var($email,FILTER_VALIDATE_EMAIL) && password_verify($senha,$hashed_pass) && !$Error) {
$sql = "SELECT email, senha FROM admin WHERE email ='$email' AND senha = '$hashed_pass'";
$query = $conn->prepare($sql);
$query->execute();
$count = $query->rowCount();
if($count == 1){
session_start();
$_SESSION['email'] = $email;
$_SESSION['senha'] = $crypt;
header("Location: home.php");
exit;
}
else {
$error = "Erro: password ou email errados";
}
}
}
?>
我的继承人编辑登录:
<?php
/*EDITOR*/
if(isset($_POST['btn-login2'])) {
$email = $_POST['email'];
$senha = $_POST['senha'];
if (empty($email)) {
echo "Preencha o email";
}
if (empty($senha)) {
echo "Preencha a senha";
}
if($email) {
$sql = "SELECT email FROM editor WHERE email = '$email'";
$stmt = $conn->prepare($sql);
$stmt->execute();
$cout = $stmt->rowCount();
//echo "Email - ".$cout;
}
if($senha) {
$sql = "SELECT senha FROM editor WHERE email = '$email'";
$stmt = $conn->prepare($sql);
$stmt->execute();
$cout = $stmt->rowCount();
if($cout == 1) {
//echo "<br>Password - ".$cout;
$hashed = $stmt->fetch(PDO::FETCH_ASSOC);
//echo "<br>Password HASHED - ".$hashed['senha'];
$hashed_pass = $hashed['senha'];
}
}
if (!empty($email) && !empty($senha) && filter_var($email,FILTER_VALIDATE_EMAIL) && password_verify($senha,$hashed_pass)) {
$sql = "SELECT email, senha FROM editor WHERE email ='$email' AND senha = '$hashed_pass'";
$query = $conn->prepare($sql);
$query->execute();
$count = $query->rowCount();
if($count == 1){
session_start();
// criar sessão com o email recebido por post e mandar o utilizador para a página home
$_SESSION['email_e'] = $email;
$_SESSION['senha_e'] = $senha;
header("Location: home.php");
exit;
}
else {
echo "Erro: password ou email errados";
}
}
}
?>
这里是会议文件:
<?php
ob_start();
session_start();
// if session is not set this will redirect to login page
if(!isset($_SESSION['email']) && !isset($_SESSION['senha'])) {
header("Location: admin.php");
exit;
}
// ADMIN SESSIONS
if(isset($_SESSION['email'])){
//echo "entrei";
// select loggedin users detail
$res = "SELECT * FROM admin WHERE email='".$_SESSION['email']."'";
$stmt = $conn->prepare($res);
//echo "<br>SQL - > ".$res;
$stmt ->execute();
$count = $stmt ->rowCount();
if ($count == 1) {
$userRow = $stmt->fetch(PDO::FETCH_ASSOC);
}
}
//EDITOR SESSIONS
if(isset($_SESSION['email_e'])) {
//echo "<br>Entrei2";
$sql = "SELECT * FROM editor WHERE email = '".$_SESSION['email_e']."'";
//echo "<br>SQL - > ".$sql;
$stmt = $conn->prepare($sql);
$stmt->execute();
$count = $stmt->rowCount();
if($count == 1) {
$userRow = $stmt->fetch(PDO::FETCH_ASSOC);
}
//echo "<br>Contagem - ".$count;
} else {
echo "<br>Sem Sucesso";
}
?>
当我试图解决这个问题,虽然它可能是因为我没有破坏会议,但仍然没有解决这个问题,我可能是干什么的我相信这里有什么不对。
注销文件:
<?php
session_start();
ob_start();
if (!isset($_SESSION['email']) || !isset($_SESSION['email_e'])) {
header("Location: index.php");
exit();
} else if(isset($_SESSION['email'])!="") {
header("Location: index.php");
exit();
}
//ADMIN LOGOUT
if (isset($_GET['logout'])) {
unset($_SESSION['email']);
unset($_SESSION['email_e']);
session_unset();
session_destroy();
header("Location: error.php");
exit;
}
ob_end_flush();
?>
在此先感谢任何人谁anwsers。
你是登录到一个帐户,然后再登录? – Adam
如果您使用同一浏览器登录到两个帐户,那么最终会出现这种混淆。使用两种不同的浏览器。 – Stuart
是的,我登录到编辑器,然后注销登录到管理员 –