Post #1
Group: Registered | Posts: 8 | Helped: 0 | Joined: 13.02.2011 | Warning: (0%)
I have some code and I would like to adapt it for my own use. I need a separate login as administrator, with the ability to edit and delete entries there. Regular accounts, on the other hand, should only be able to create entries.
Second thing: where do I increase the field and the number of characters in "PublisherName" (home.php)?

home.php

```php
<?php
include_once 'dbconfig.php';

if (!$user->is_loggedin()) {
    $user->redirect('index.php');
}

$user_id = $_SESSION['user_session'];
$stmt = $DB_con->prepare("SELECT * FROM users WHERE user_id=:user_id");
$stmt->execute(array(":user_id" => $user_id));
$userRow = $stmt->fetch(PDO::FETCH_ASSOC);
?>
<!DOCTYPE HTML>
<html>
<head>
    <title>HTML5/CSS3 Responsive Theme</title>
    <meta charset="utf-8">
    <link rel="stylesheet" href="styleweb.css" type="text/css">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
</head>
<body class="body">
<header class="gora_strony">
    <div class="logo">
        <h1>Ogłoszenia24.pl</h1>
    </div>
    <div class="right">
        <img src="images/user.jpg">
        Witaj! <b><?php print(htmlspecialchars((string) $userRow['user_name'])); ?></b>
        <label><a href="logout.php?logout=true"><i class="glyphicon glyphicon-log-out"></i>Wyloguj</a></label>
    </div>
</header>
<div class="middle_nav">
</div>
<div class="content">
    <form method="post">
        <table>
            <tr>
                <td>Title:</td>
                <td><input type="text" name="title" /></td>
            </tr>
            <tr>
                <td>Author</td>
                <td><input type="text" name="author" /></td>
            </tr>
            <tr>
                <td>Publisher Name</td>
                <!-- named "name" so it matches $_POST['name'] below; it was "copy",
                     colliding with the Copyright Year field -->
                <td><textarea name="name" cols="30" rows="4"></textarea></td>
            </tr>
            <tr>
                <td>Copyright Year</td>
                <td><input type="text" name="copy" /></td>
            </tr>
            <tr>
                <td> </td>
                <td><input type="submit" name="submit" value="add" /></td>
            </tr>
        </table>
<?php
if (isset($_POST['submit'])) {
    // Use the PDO connection from dbconfig.php (already included above; the
    // mysql_* functions were removed in PHP 7) and bind the values instead of
    // concatenating them into the SQL string.
    $insert = $DB_con->prepare(
        "INSERT INTO `books` (Title, Author, PublisherName, CopyrightYear)
         VALUES (:title, :author, :name, :copy)"
    );
    $insert->execute(array(
        ':title'  => $_POST['title'] ?? '',
        ':author' => $_POST['author'] ?? '',
        ':name'   => $_POST['name'] ?? '',
        ':copy'   => $_POST['copy'] ?? '',
    ));
}
?>
    </form>
    <table border="1">
<?php
$result = $DB_con->query("SELECT * FROM books");
while ($test = $result->fetch(PDO::FETCH_ASSOC)) {
    $id = (int) $test['BookID'];
    // Escape stored values before printing them into the page.
    echo "<tr align='center'>";
    echo "<td><font color='black'>" . $id . "</font></td>";
    echo "<td><font color='black'>" . htmlspecialchars((string) $test['Title']) . "</font></td>";
    echo "<td><font color='black'>" . htmlspecialchars((string) $test['Author']) . "</font></td>";
    echo "<td><font color='black'>" . htmlspecialchars((string) $test['PublisherName']) . "</font></td>";
    echo "<td><font color='black'>" . htmlspecialchars((string) $test['CopyrightYear']) . "</font></td>";
    echo "<td> <a href ='view.php?BookID=$id'>Edit</a></td>";
    echo "<td> <a href ='del.php?BookID=$id'><center>Delete</center></a></td>";
    echo "</tr>";
}
?>
    </table>
</div>
</body>
</html>
```

login.php

```php
<?php
require_once 'dbconfig.php';

if ($user->is_loggedin()) {
    $user->redirect('home.php');
}

if (isset($_POST['btn-login'])) {
    // One form field is accepted as either the user name or the e-mail.
    $uname = $_POST['txt_uname_email'];
    $umail = $_POST['txt_uname_email'];
    $upass = $_POST['txt_password'];

    if ($user->login($uname, $umail, $upass)) {
        $user->redirect('home.php');
    } else {
        $error = "Wrong Details !";
    }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>Login : cleartuts</title>
    <link rel="stylesheet" href="bootstrap/css/bootstrap.min.css" type="text/css" />
    <link rel="stylesheet" href="style.css" type="text/css" />
</head>
<body>
<div class="container">
    <div class="form-container">
        <form method="post">
            <h2>Zaloguj się:</h2><hr />
            <?php if (isset($error)) { ?>
            <div class="alert alert-danger">
                <i class="glyphicon glyphicon-warning-sign"></i> <?php echo $error; ?> !
            </div>
            <?php } ?>
            <div class="form-group">
                <input type="text" class="form-control" name="txt_uname_email" placeholder="Login lub e-mail" required />
            </div>
            <div class="form-group">
                <input type="password" class="form-control" name="txt_password" placeholder="Twoje hasło" required />
            </div>
            <div class="clearfix"></div><hr />
            <div class="form-group">
                <button type="submit" name="btn-login" class="btn btn-block btn-primary">
                    <i class="glyphicon glyphicon-log-in"></i> ZALOGUJ SIĘ
                </button>
            </div>
            <br />
            <label>Jeśli nie masz konta <a href="sign-up.php">Zarejestruj się!</a></label>
        </form>
    </div>
</div>
</body>
</html>
```

class.user.php

```php
<?php
class USER
{
    private $db;

    function __construct($DB_con)
    {
        $this->db = $DB_con;
    }

    public function register($fname, $lname, $uname, $umail, $upass)
    {
        try {
            // Salted password_hash() instead of unsalted MD5; the user_pass
            // column must hold at least 60 characters (VARCHAR(255) is safe).
            $new_password = password_hash($upass, PASSWORD_DEFAULT);

            $stmt = $this->db->prepare("INSERT INTO users(user_name,user_email,user_pass) VALUES(:uname, :umail, :upass)");
            $stmt->bindParam(":uname", $uname);
            $stmt->bindParam(":umail", $umail);
            $stmt->bindParam(":upass", $new_password);
            $stmt->execute();

            return $stmt;
        } catch (PDOException $e) {
            // Log the database error instead of printing it to the visitor.
            error_log($e->getMessage());
            return false;
        }
    }

    public function login($uname, $umail, $upass)
    {
        try {
            $stmt = $this->db->prepare("SELECT * FROM users WHERE user_name=:uname OR user_email=:umail LIMIT 1");
            $stmt->execute(array(':uname' => $uname, ':umail' => $umail));
            $userRow = $stmt->fetch(PDO::FETCH_ASSOC);

            // fetch() returns false when no row matched.
            if ($userRow && password_verify($upass, $userRow['user_pass'])) {
                // New session id after login to prevent session fixation.
                session_regenerate_id(true);
                $_SESSION['user_session'] = $userRow['user_id'];
                return true;
            }
            return false;
        } catch (PDOException $e) {
            error_log($e->getMessage());
            return false;
        }
    }

    public function is_loggedin()
    {
        return isset($_SESSION['user_session']);
    }

    public function redirect($url)
    {
        header("Location: $url");
        // Stop here; otherwise the rest of the protected page still runs.
        exit;
    }

    public function logout()
    {
        unset($_SESSION['user_session']);
        session_destroy();
        return true;
    }
}
?>
```
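A server-side role check of the kind the post asks for, as an added example that is not part of the original post. The `user_role` column and the `Acl` class are hypothetical names introduced here, and the demo runs on an in-memory SQLite database with constructed rows instead of the poster's MySQL tables.

```php
<?php
// Added example, not the poster's code. Assumption: the users table gets a
// hypothetical user_role column, e.g.
//   ALTER TABLE users ADD user_role VARCHAR(10) NOT NULL DEFAULT 'user';

class Acl
{
    // What each role may do: regular accounts create, only admin edits/deletes.
    private const ALLOWED = [
        'admin' => ['create', 'edit', 'delete'],
        'user'  => ['create'],
    ];
    private $db;

    public function __construct(PDO $db)
    {
        $this->db = $db;
    }

    // Read the role from the database on every request rather than caching it
    // in the session, so a demoted account loses access immediately.
    public function can($userId, string $action): bool
    {
        if ($userId === null) {
            return false;                       // not logged in
        }
        $stmt = $this->db->prepare('SELECT user_role FROM users WHERE user_id = :id');
        $stmt->execute([':id' => (int) $userId]);
        $role = (string) $stmt->fetchColumn();  // '' when the user does not exist
        return in_array($action, self::ALLOWED[$role] ?? [], true);
    }

    // Call at the top of view.php and del.php, before any query on books.
    public function requireRight($userId, string $action): void
    {
        if (!$this->can($userId, $action)) {
            http_response_code(403);
            exit('Forbidden');
        }
    }
}

// Demo on an in-memory SQLite database with constructed rows.
$db = new PDO('sqlite::memory:');
$db->exec("CREATE TABLE users (user_id INTEGER PRIMARY KEY, user_role TEXT NOT NULL DEFAULT 'user')");
$db->exec("INSERT INTO users (user_id, user_role) VALUES (1, 'admin'), (2, 'user')");
$acl = new Acl($db);
foreach ([[1, 'delete'], [2, 'create'], [2, 'delete'], [null, 'create']] as [$uid, $action]) {
    printf("user %s %s: %s\n", var_export($uid, true), $action, $acl->can($uid, $action) ? 'allowed' : 'denied');
}
```

In `del.php` the check becomes `$acl->requireRight($_SESSION['user_session'] ?? null, 'delete');` with `$acl` built from `$DB_con`. Hiding the Edit and Delete links in `home.php` for regular accounts is only cosmetic, because `view.php?BookID=...` and `del.php?BookID=...` can still be requested directly.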