douci1851 2019-05-06 22:03
浏览 105
已采纳

如何根据用户的状态和角色登录用户[重复]

This question already has an answer here:

I am creating a login page where user and admin will log in user will have role = user, and status = pending until admin will make it active. I have different files to display for user and admin and within the user, 2 files are there. 1 for an active user and another for the pending user.

I created if statements and tried switch statement as well. but I am getting an error on XAMPP "Parse error: syntax error, unexpected end of file in C:\xampp\htdocs\MakerLab\server.php on line 109"

here is my server.php

...

<?php 
    session_start();

    // variable declaration
    $email = "";
    $status = "";

    $errors = array(); 
    $_SESSION['success'] = "";

    // connect to database
    $db = mysqli_connect('localhost', 'root', '', 'makerlab');

    // REGISTER USER
    if (isset($_POST['reg_user'])) {
        // receive all input values from the form
        $fname = mysqli_real_escape_string($db, $_POST['fname']);
        $lname = mysqli_real_escape_string($db, $_POST['lname']);
        $email = mysqli_real_escape_string($db, $_POST['email']);
        $lewisID = mysqli_real_escape_string($db, $_POST['lewisID']);
        $password_1 = mysqli_real_escape_string($db, $_POST['password_1']);
        $password_2 = mysqli_real_escape_string($db, $_POST['password_2']);

        // form validation: ensure that the form is correctly filled
        //if (empty($email)) { array_push($errors, "Lewis Email is required"); }
        //if (empty($password_1)) { array_push($errors, "Password is required"); }

        //if ($password_1 != $password_2) {
        //  array_push($errors, "The two passwords do not match");
        //}

    $user_check_query = "SELECT * FROM users WHERE lewisID='$lewisID' OR email='$email' LIMIT 1";
    $result = mysqli_query($db, $user_check_query);
    $user = mysqli_fetch_assoc($result);

    if ($user) { // if user exists
    if ($user['lewisID'] === $lewisID) {
    array_push($errors, "lewisID already exists");
    }

    if ($user['email'] === $email) {
    array_push($errors, "lewisID already exists");
    }
    }

        // register user if there are no errors in the form
        if (count($errors) == 0) {
            $password = md5($password_1);//encrypt the password before saving in the database
            $query = "INSERT INTO users (lewisID,
                                        fname, 
                                        lname, 
                                        email, 
                                        password) 
                        VALUES('$lewisID',
                                '$fname', 
                                '$lname', 
                                '$email',
                                '$password')";
            mysqli_query($db, $query);
            $_SESSION['fname'] = $fname;
            $_SESSION['email'] = $email;
            header('location: pend.php');


    // ... 

    // LOGIN USER
    if (isset($_POST['login_user'])) {
        $email = mysqli_real_escape_string($db, $_POST['email']);
        $password = mysqli_real_escape_string($db, $_POST['password']);

        if (empty($email)) {
            array_push($errors, "Lewis Email is required");
        }
        if (empty($password)) {
            array_push($errors, "Password is required");
        }

        if (count($errors) == 0) {
            $password = md5($password);
            $query = "SELECT * FROM users WHERE email='$email' 
            AND password='$password'";

            $results = mysqli_query($db, $query);

            if (mysqli_num_rows($results) == 1) {
                $_SESSION['email'] = $email;
                $row['status'] = $status;
                $row['role'] = $role;
                if ($status == "Pending" )
                {
                    header('location: pend.php');
                }
                else if ($status == "Active" || $role == "user" )
                {
                    header('location: AccountMain.php');
                }
                else if ($status == "Active" || $role == "admin" )
                {
                    header('location: admain.php');
                }
            } else {
                array_push($errors, "Wrong username/password combination");
            }
        }
    }

?>

...

</div>
  • 写回答

1条回答 默认 最新

  • dsfsdfsdfsdfsdf45454 2019-05-06 22:10
    关注

    You are missing 2 brackets at the end of the file (before ?> tag) Next time you can use an IDE like PHPStorm that helps with the indentation and format.

    <?php
    
    // variable declaration
    $email = "";
    $status = "";
    
    $errors = array();
    $_SESSION['success'] = "";
    
    // connect to database
    $db = mysqli_connect('localhost', 'root', '', 'makerlab');
    
    // REGISTER USER
    if (isset($_POST['reg_user'])) {
        // receive all input values from the form
        $fname = mysqli_real_escape_string($db, $_POST['fname']);
        $lname = mysqli_real_escape_string($db, $_POST['lname']);
        $email = mysqli_real_escape_string($db, $_POST['email']);
        $lewisID = mysqli_real_escape_string($db, $_POST['lewisID']);
        $password_1 = mysqli_real_escape_string($db, $_POST['password_1']);
        $password_2 = mysqli_real_escape_string($db, $_POST['password_2']);
    
        // form validation: ensure that the form is correctly filled
        //if (empty($email)) { array_push($errors, "Lewis Email is required"); }
        //if (empty($password_1)) { array_push($errors, "Password is required"); }
    
        //if ($password_1 != $password_2) {
        //  array_push($errors, "The two passwords do not match");
        //}
    
        $user_check_query = "SELECT * FROM users WHERE lewisID='$lewisID' OR email='$email' LIMIT 1";
        $result = mysqli_query($db, $user_check_query);
        $user = mysqli_fetch_assoc($result);
    
        if ($user) { // if user exists
            if ($user['lewisID'] === $lewisID) {
                array_push($errors, "lewisID already exists");
            }
    
            if ($user['email'] === $email) {
                array_push($errors, "lewisID already exists");
            }
        }
    
        // register user if there are no errors in the form
        if (count($errors) == 0) {
            $password = md5($password_1);//encrypt the password before saving in the database
            $query = "INSERT INTO users (lewisID,
                                        fname, 
                                        lname, 
                                        email, 
                                        password) 
                        VALUES('$lewisID',
                                '$fname', 
                                '$lname', 
                                '$email',
                                '$password')";
            mysqli_query($db, $query);
            $_SESSION['fname'] = $fname;
            $_SESSION['email'] = $email;
            header('location: pend.php');
        }
    }
    
    // ...
    
    // LOGIN USER
    if (isset($_POST['login_user'])) {
        $email = mysqli_real_escape_string($db, $_POST['email']);
        $password = mysqli_real_escape_string($db, $_POST['password']);
    
        if (empty($email)) {
            array_push($errors, "Lewis Email is required");
        }
        if (empty($password)) {
            array_push($errors, "Password is required");
        }
    
        if (count($errors) == 0) {
            $password = md5($password);
            $query = "SELECT * FROM users WHERE email='$email' 
            AND password='$password'";
    
            $results = mysqli_query($db, $query);
    
            if (mysqli_num_rows($results) == 1) {
                $_SESSION['email'] = $email;
                $row = mysqli_fetch_assoc($results);
                $status = $row['status'];
                $role = $row['role'];
                if ($status == "Pending") {
                    header('location: pend.php');
                } else if ($status == "Active" || $role == "user") {
                    header('location: AccountMain.php');
                } else if ($status == "Active" || $role == "admin") {
                    header('location: admain.php');
                }
            } else {
                array_push($errors, "Wrong username/password combination");
            }
        }
    }
    ?>
    
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 maple软件,用solve求反函数出现rootof,怎么办?
  • ¥50 汇编语言除法溢出问题
  • ¥65 C++实现删除N个数据列表共有的元素
  • ¥15 Visual Studio问题
  • ¥15 state显示变量是字符串形式,但是仍然红色,无法引用,并显示类型不匹配
  • ¥20 求一个html代码,有偿
  • ¥100 关于使用MATLAB中copularnd函数的问题
  • ¥20 在虚拟机的pycharm上
  • ¥15 jupyterthemes 设置完毕后没有效果
  • ¥15 matlab图像高斯低通滤波