2017-08-30 50 views
0

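I have a problem with my sessions. My application has a feature that requires two different types of user to log in: one is Admin, which means he can do everything possible inside the application, and the other is Editor, who can only do a few things. Sessions not working correctly, overlapping each other

My problem is that the sessions seem to overlap each other: I log in as admin and the session information is from the editor.

Here's my login for the admin: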

<!---Login PHP---> 
<?php 
    if(isset($_POST['btn-login'])) { 

    $email = $_POST['email']; 
    $senha = $_POST['senha']; 

    $Error = false; 

    if (empty($email)) { 
     $Error= true; 
     $error = "Preencha o email."; 
    } 

    if (empty($senha)) { 
     $Error = true; 
     $error2 = "Preencha a senha."; 
    } 
    if($email) {   
      // Bind the email as a parameter instead of interpolating it into the SQL 
      $sql = "SELECT email FROM admin WHERE email = :email"; 
      $stmt = $conn->prepare($sql); 
      $stmt->execute([':email' => $email]); 
      $cout = $stmt->rowCount(); 
      //echo "Email - ".$cout; 
     } 
     if($senha) { 
      $sql = "SELECT senha FROM admin WHERE email = :email"; 
      $stmt = $conn->prepare($sql); 
      $stmt->execute([':email' => $email]); 
      $cout = $stmt->rowCount(); 
      if($cout == 1) { 
      //echo "<br>Password - ".$cout; 
       $hashed = $stmt->fetch(PDO::FETCH_ASSOC); 
       //echo "<br>Password HASHED - ".$hashed['senha']; 
       $hashed_pass = $hashed['senha']; 
      } 
     } 



    if (!empty($email) && !empty($senha) && filter_var($email,FILTER_VALIDATE_EMAIL) && password_verify($senha,$hashed_pass) && !$Error) { 

     $sql = "SELECT email, senha FROM admin WHERE email = :email AND senha = :senha"; 
     $query = $conn->prepare($sql); 
     $query->execute([':email' => $email, ':senha' => $hashed_pass]); 
     $count = $query->rowCount(); 

      if($count == 1){      
       session_start(); 
        $_SESSION['email'] = $email; 
        $_SESSION['senha'] = $crypt; // $crypt is never defined in this snippet, so this stores null 
        header("Location: home.php"); 
        exit; 
      } 

      else { 

       $error = "Erro: password ou email errados"; 

      } 

    } 
    } 

    ?> 

Here's my editor login:

<?php 
/*EDITOR*/ 
    if(isset($_POST['btn-login2'])) { 

    $email = $_POST['email']; 
    $senha = $_POST['senha']; 

    if (empty($email)) { 
     echo "Preencha o email"; 
    } 

    if (empty($senha)) { 
     echo "Preencha a senha"; 
    } 
    if($email) {   
      // Bind the email as a parameter instead of interpolating it into the SQL 
      $sql = "SELECT email FROM editor WHERE email = :email"; 
      $stmt = $conn->prepare($sql); 
      $stmt->execute([':email' => $email]); 
      $cout = $stmt->rowCount(); 
      //echo "Email - ".$cout; 
     } 
     if($senha) { 
      $sql = "SELECT senha FROM editor WHERE email = :email"; 
      $stmt = $conn->prepare($sql); 
      $stmt->execute([':email' => $email]); 
      $cout = $stmt->rowCount(); 
      if($cout == 1) { 
      //echo "<br>Password - ".$cout; 
       $hashed = $stmt->fetch(PDO::FETCH_ASSOC); 
       //echo "<br>Password HASHED - ".$hashed['senha']; 
       $hashed_pass = $hashed['senha']; 
      } 
     } 


    if (!empty($email) && !empty($senha) && filter_var($email,FILTER_VALIDATE_EMAIL) && password_verify($senha,$hashed_pass)) { 

     $sql = "SELECT email, senha FROM editor WHERE email = :email AND senha = :senha"; 
     $query = $conn->prepare($sql); 
     $query->execute([':email' => $email, ':senha' => $hashed_pass]); 
     $count = $query->rowCount(); 

      if($count == 1){ 
       session_start(); 

        // create a session with the email received via POST and send the user to the home page 
        $_SESSION['email_e'] = $email; 
        $_SESSION['senha_e'] = $senha; // note: this keeps the plaintext password in the session 
        header("Location: home.php"); 
        exit; 
      } 

      else { 

       echo "Erro: password ou email errados"; 

      } 

    } 
    } 
    ?> 

Here is the session file:

<?php 
    ob_start(); 
    session_start(); 
    // if session is not set this will redirect to login page 
    if(!isset($_SESSION['email']) && !isset($_SESSION['senha'])) { 
     header("Location: admin.php"); 
     exit; 
    } 
    // ADMIN SESSIONS 
    if(isset($_SESSION['email'])){ 
    //echo "entrei"; 
     // select loggedin users detail 
     $res = "SELECT * FROM admin WHERE email = :email"; 
     $stmt = $conn->prepare($res); 
     //echo "<br>SQL - > ".$res; 
     $stmt->execute([':email' => $_SESSION['email']]); 
     $count = $stmt ->rowCount(); 
     if ($count == 1) { 
      $userRow = $stmt->fetch(PDO::FETCH_ASSOC); 
     }  
    } 
    //EDITOR SESSIONS 
    if(isset($_SESSION['email_e'])) { 
    //echo "<br>Entrei2"; 
     $sql = "SELECT * FROM editor WHERE email = :email"; 
     //echo "<br>SQL - > ".$sql; 
     $stmt = $conn->prepare($sql); 
     $stmt->execute([':email' => $_SESSION['email_e']]); 
     $count = $stmt->rowCount(); 
     if($count == 1) { 
      $userRow = $stmt->fetch(PDO::FETCH_ASSOC); 
     } 
     //echo "<br>Contagem - ".$count; 
    } else { 
    echo "<br>Sem Sucesso"; 
    } 

?> 

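When I tried to solve this I thought it might be because I wasn't destroying the session, but that still didn't solve the problem. What might I be doing wrong? I believe something is not right here.

Logout file: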

<?php 
    session_start(); 
    ob_start(); 

    if (!isset($_SESSION['email']) || !isset($_SESSION['email_e'])) { 
     header("Location: index.php"); 
     exit(); 
    } else if(isset($_SESSION['email'])!="") { 
     header("Location: index.php"); 
     exit(); 
    } 
    //ADMIN LOGOUT 
    if (isset($_GET['logout'])) { 
     unset($_SESSION['email']); 
     unset($_SESSION['email_e']); 
     session_unset(); 
     session_destroy(); 
     header("Location: error.php"); 
     exit; 
    } 
    ob_end_flush(); 
?> 

Thanks in advance to anyone who answers.

+0

Are you logging in to one account and then logging in again? – Adam

+1

If you log in to both accounts using the same browser, you will end up with this kind of confusion. Use two different browsers. – Stuart

+0

Yes, I log in as editor, then log out and log in as admin –

Answers

1

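It seems odd to me to handle 2 types of user by creating 2 different session variables. I believe what is happening is that some variable is not being cleared, which causes your problem.

It would be much simpler to use the same variable ($_SESSION['email']) and then show whatever you want depending on the user type.

Consider that at some point you need to add a new user type: you would have to edit all the code that handles login and logout, which is not right.

Try creating just one login page for both admins and editors, and fetch their user type from the database based on their email.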

+0

He isn't using different login pages. The logic that handles login is executed in 'login.php' for both types of user. – BugHunterUK

+0

Yes, my bad, I meant to say the same button/code. –

+0

Actually I was wrong, haha. Apologies mate. He does have two different login flows. You're right, that's a bad idea. – BugHunterUK
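
The single-login approach the answer suggests, as an added example (not code from the question or the answer): one `login()` for both roles that resets the session before populating it, and a `logout()` that always clears it, whereas the opening `if`/`else if` of the posted logout file redirects and exits before `session_destroy()` is reached. The `users` table with a `role` column and the function names are assumptions.

```php
<?php
// Added example, not the poster's code. Assumption: a hypothetical `users`
// table (id, email, senha, role) replaces the separate admin/editor tables.
declare(strict_types=1);

if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
}

function login(PDO $conn, string $email, string $senha): bool
{
    $stmt = $conn->prepare('SELECT id, senha, role FROM users WHERE email = :email');
    $stmt->execute([':email' => $email]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false || !password_verify($senha, $row['senha'])) {
        return false;
    }
    // Discard anything an earlier login left behind and rotate the session ID,
    // so one account's data cannot carry over into the next login.
    $_SESSION = [];
    session_regenerate_id(true);
    $_SESSION['user_id'] = (int) $row['id'];
    $_SESSION['role']    = $row['role'];      // 'admin' or 'editor'
    return true;
}

function requireRole(string ...$allowed): void
{
    // One key decides access; there is no second set of keys to fall out of sync.
    if (!isset($_SESSION['role']) || !in_array($_SESSION['role'], $allowed, true)) {
        header('Location: index.php');
        exit;
    }
}

function logout(): void
{
    // Unconditional cleanup: no isset() guard that can redirect before it runs.
    $_SESSION = [];
    if (ini_get('session.use_cookies')) {
        $p = session_get_cookie_params();
        setcookie(session_name(), '', time() - 42000,
            $p['path'], $p['domain'], $p['secure'], $p['httponly']);
    }
    session_destroy();
}
```

Only the user id and role are stored in the session; the password is never written to it.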