如何在会话中检查权限？ [重复]

This question already has an answer here:

The 3 different equals 5 answers
Reference - What does this error mean in PHP? 34 answers

I made a login page, which works fine. Every account on my system has a username, password and permission. On the login screen you only have to fill in your username and password, and the record gets automatically linked to the session, so Im sure the session knows what permission it has when logged in. I want to make a difference between a admin and a user account. An admin account should be redirected to a different screen as the user. This is my code:

if ($_SESSION['Permission'] = "admin") { 
    header("location:adminmenu.html");
} else {
    header("location:usermenu.html"); 
}

When I run this, it automatically takes me to the admin menu, even if the statement is not correct. How can I fix this?

This isnt the same, because the question isnt about parse errors.

</div>

写回答
好问题 0 提建议
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

3条回答默认最新

关注

码龄粉丝数原力等级 --

被采纳

被点赞

采纳率
dongyuan8312 2018-11-08 08:29
关注
Check the following:

1.) Use comparing instead of assigning

if ($_SESSION['Permission'] === "admin") { header("location:adminmenu.html"); } else { header("location:usermenu.html"); }

2.) Make sure you run session_start() on each request

3.) Make sure $_SESSION['Permission'] is set, run var_dump($_SESSION); to make sure the value is set correct.
本回答被题主选为最佳回答 , 对您是否有帮助呢?

解决无用
评论打赏
分享
举报

评论

按下Enter换行，Ctrl+Enter发表内容

查看更多回答(2条)

报告相同问题？

关注问题

如何在PHP中使用数据会话？ php
2019-03-04 13:15

回答 1 已采纳 session_start() must be called before any output to the browser. Please update your code on all p
强制在每个新的浏览器会话中登录用户？ javascript php
2017-08-11 18:04

回答 3 已采纳 @Axalix wrote: If session relies on cookies, you just need to keep expiry date empty, then whe
将对象保存到会话 - 如何从以前的会话中获取对象？ php
2018-12-11 16:00

回答 1 已采纳 You should use the function serialize() to returns a string containing a byte-stream representatio
你还在为找工作发愁嘛？最新前端高频面试题（适合应届生），拿走不谢！
2022-07-19 21:24

如歌~的博客 HTML、CSS相关盒子模型：一...在移动端，这个盒子模型就不是很适合做开发了，最好用box-sizing: border-box;属性改变一下盒子模型；写了这个属性之后宽度会包括borderHTML5,css3新增的内容有哪些HTML5：新增语义化标签,
如何在嵌入式文件中使用php会话？ javascript php
2017-08-12 09:24

回答 1 已采纳 It works, you just return javascript wrongly. Firefox for some reason works, but other browsers fa
检查会话ID是否在此代码中 php
2017-11-25 14:33

回答 1 已采纳 You can use Session ID like session_start(); echo session_id(); Or You can use $_SESSION['u
如何检测会话是否即将到期？
2019-03-29 14:20

回答 1 已采纳 Solution: As soon as the client logs in they receive the session expiration date from the server.
前端面试题(持续更新中～)
2023-03-16 08:38

风雨兼程^_^的博客 SSR服务端渲染流程及SEO，服务端渲染框架，前端项目中环境变量怎么处理，怎么配置，axios有封装过吗，后台管理侧边栏权限管，简述TCP/IP，UDP，对于SEO怎么优化，后台管理登录流程，解决Git冲突
如何在移动中更新会话数组中的数量？ ajax jquery php
2015-08-27 09:00

回答 1 已采纳 You left out the = between &value and + newVal. But I recommend you let jQuery do this automatical
如何在会话中定义索引“UserName”？ html5 php
2017-04-29 06:59

回答 3 已采纳 You need to check session right way if($_SESSION['UserName'] == "") { You can use isset and empt
Laravel - 如何在laravel会话中更新数组值？ php
2017-01-25 11:46

回答 1 已采纳 There is no direct way of doing that, You can crate a simple function to update the session for yo
前端安全：如何防止XSS攻击？
2025-01-29 19:53

破碎的天堂鸟的博客 XSS攻击是一种常见但危险的漏洞，通过输入验证、输出编码、HTTP头部策略、内容安全策略以及现代框架的使用，可以有效降低XSS攻击的风险。同时，持续的安全检测和团队的安全意识提升也是保障前端安全的重要环节。
2022年前端面试题整理，持续更新中
2022-03-11 18:14

zh阿飞的博客最新的面试题整理，整理了很多的一些基础知识，适合初中级的前端开发
2023前端面试题汇总
2023-03-09 17:58

下雪不过冬天的博客 2023前端基础面试题汇总
前端Javascript、Vue、CSS等场景面试题目（二）
2024-11-16 14:38

GISer_Jinger的博客前端面试场景题目：Vue|HTML|CSS|JAVASCRIPT|WEBPACK
没有解决我的问题, 去提问

如何在会话中检查权限？ [重复]

3条回答 默认 最新

3条回答默认最新