查閱的資料,先縫合成自己的,寫登錄註冊頁面是要注意的細節。
http://bbs.csdn.net/topics/390888578
<?php
error_reporting(0);
@session_start();
require_once 'conn/conn.php';
$user_name=$_POST['name'];
$password=md5($_POST['password']);
$_SESSION['user_name']=$user_name;
if(strlen($user_name)<1){
?>
<html>
<head>
<title>管理員登陸</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
</head>
<body>
<center>
<form method="post" action="admin.php">
<table border='1'>
<tr>
<th colspan='2' bgcolor='cccccc'>用戶登陸</th>
</tr>
<tr>
<td align='right'>Username:</td>
<td><input type='text' name='name' maxlength='16' size='16'></input></td>
</tr>
<tr>
<td align='right'>Password:</td>
<td><input type='password' name='password' size='16' maxlength='10'></input></td>
</tr>
<tr>
<td colspan='2'><font size="2"><input type='submit' value='確認登陸'></input>
<input type='reset' value='重新填寫'></input>
<a href='message.php'>註冊新用戶</a>
</font></td>
</tr>
</table>
</form>
</center>
<?php
}
else if(strlen($user_name)>1){
$query="select * from admin where user_name=? and password=?";
// echo $query;
// exit;
$st=$db->prepare($query);
$rs = $st->execute(array($user_name,$password));
if($rs == false)
{
echo "<center><script>alert('登陸失敗!');window.location.href='admin.php'</script></center>";
}
else
{
// echo "登陸成功!";
echo "<center><script>alert('管理員登陸成功!');window.location.href='admin_select_neirong.php'</script></center>";
}
}
?>
</body>
</html>
兩個問題
1. $_SESSION['user_name']=$user_name; 這句應該登入成功後再調用
2. 普通用戶與管理員都用$_SESSION['user_name']判斷是否登入,這樣普通用戶登入後,判斷管理員登入都會是登入狀態了。
應該把管理員的登入保存寫成$_SESSION['admin_user_name'] 在管理員纔可以進入的頁面,判斷$_SESSION['admin_user_name']而不是$_SESSION['user_name']
