我想创建一个表,其中每个用户/组只能看到他们的数据。通过会话获取登录用户的详细信息
所以我做了每一个用户/组拥有用户表内的用户类型数量
+---------+----------+------------------------------------------+----------+
| User_id | username | pwd | usertype |
+---------+----------+------------------------------------------+----------+
例如,如果用户类型为1的值,就可以看到与此查询表(SELECT * FROM表WHERE用户类型=“1”)
这是我loginsubmit.php哪里是提交并启动会话
<?php
require_once('php_action/db_connect.php');
session_start();
if(isset($_SESSION['user_id']))
{
$message = 'User is already logged in';
}
if(!isset($_POST['username'], $_POST['pwd']))
{
$message = 'Please enter a valid username and password';
}
else if (strlen($_POST['username']) > 20 || strlen($_POST['username']) < 4)
{
$message = 'Incorrect Length for Username';
}
else if (strlen($_POST['pwd']) > 20 || strlen($_POST['pwd']) < 4)
{
$message = 'Incorrect Length for Password';
}
else if (ctype_alnum($_POST['username']) != true)
{
$message = "Username must be alpha numeric";
}
else {
$username = filter_var($_POST['username'], FILTER_SANITIZE_STRING);
$pwd = filter_var($_POST['pwd'], FILTER_SANITIZE_STRING);
$pwd = sha1($pwd);
try {
$sql = "SELECT User_ID FROM User_Dfn WHERE username = '".$username."' AND pwd = '".$pwd."'";
if($result=mysqli_query($connect,$sql)) {
while($row=mysqli_fetch_assoc($result)) {
$user_id = $row['User_ID'];
$usertype = $row['usertype'];
$_SESSION['user_id'] = $user_id;
$_SESSION['usertype'] = $usertype;
$_SESSION['timeout'] = time();
header("Location: index.php");
}
}
if($user_id == false);
{
$message ='Login Failed';
}
} catch(Exception $e) { $message = 'Unable to process request'; }
}
?>
这里是PHP文件中,这样检索数据的片段。
<?php
require_once 'db_connect.php';
$usertype= $_SESSION['usertype'];
$output = array('data' => array());
$sql = "SELECT * FROM Service WHERE user_id = '$usertype'";
$query = $connect->query($sql);
嗯,我希望你明白我想解释,这对我来说有点复杂..
它只是不加载用户类型为sqlquery的。我想我做错了什么
请帮
谢谢
是什么问题呢? – Akshay
它不会将usertype加载到sql查询中... – Woonghee
这里'$ sql =“选择*从服务WHERE user_id ='$ usertype'”;'你遇到问题 – Akshay