duanmian1085 2019-04-24 01:51
浏览 91
已采纳

如何创建一个仅接受两个PHP会话的登录系统?

How can I make a login system that excepts only two people with sessions in PHP?

I want to make a login system that only two users could log into. I really don't want to use databases for my own reasons.The real problem is that there are multiple logins on the website and if you login with another account on another part of the website and go here into the "Admin panel" the admin panel will open and let any user create new users with admin access.

My code:

index.php

<?php
session_start(); 

define('DS',  TRUE);
define('USERNAME', $_SESSION['username']);
define('SELF',  $_SERVER['PHP_SELF'] );

$userx = $_SESSION['username'];

if (!USERNAME or isset($_GET['logout']))
 include('login/login.php');
?>
<!DOCTYPE html>
<html>
  <head>
        <meta name="viewport" content="width=device-width, initial-scale=1">
        <title>ADMIN PANEL</title>
        <meta name="author" content="INTmAker" />
        <meta name="author" content="Leonx">
        <script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
  </head>
  <body>
      You are logged in as <?php echo($userx); ?>&nbsp|&nbsp<a href="?logout=1">Logout</a>
        <br>
        <?php
          if($userx != "Leonx" || $userx != "INT"){
             echo 'You are not an Admin.';
             return false;
          } else {
              echo '        <div>
                <input type="text" id="username" name="username" placeholder="Username" value=""/>
                <input type="password" id="password" name="password" placeholder="Password" value=""/>
                <input type="submit" id="postform" onclick="post()" value="Submit">
                </div>
                &nbsp;&nbsp;&nbsp;&nbsp;
                <input type="checkbox" onclick="admin()">Admin access?
                &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
                &nbsp;&nbsp;&nbsp;
                <input type="checkbox" onclick="password()">Pokaži lozinku';
          }
        ?>

        <script>
            function post() {
                var username = $('#username').val();
                var password = $('#password').val();

                $.post('multipass.php', {postuser:username, postpass:password},
                  function(data)
                  { 
                           alert("Uspjesno dodan korisnik!");
                  });
            }
            function post2() {
                var username = $('#username').val();
                var password = $('#password').val();

                $.post('adminpass.php', {postuser:username, postpass:password},
                  function(data)
                  { 
                            alert("Uspjesno dodan admin!");
                  });
            }           
        function password() {
            var x = document.getElementById("password");
        if (x.type === "password") {
            x.type = "text";
        } else {
            x.type = "password";
        }
      }
      function admin(){
          document.getElementById('postform').setAttribute('onclick','post2()');
      }
</script>
  </body>
</html>

login.php

<?php defined('DS') OR die('No direct access allowed.');

include('users.php');

if(isset($_GET['logout'])) {
    $_SESSION['username'] = '';
    header('Location:  ' . $_SERVER['PHP_SELF']);
}

if(isset($_POST['username'])) {
    if($users[$_POST['username']] !== NULL && $users[$_POST['username']] == $_POST['password']) {
  $_SESSION['username'] = $_POST['username'];
  header('Location:  ' . $_SERVER['PHP_SELF']);
    }else {
        //invalid login
  echo "<p>Korisničko ime ili lozinka su krivi!</p>";
    }
}

echo '<!DOCTYPE html>
<html>
<head>
  <title>EDITOR LOGIN</title>
  <link rel="stylesheet" type="text/css" href="login/style.css">
</head>
<body>
  <div class="header">
    <h2>Admin</h2>
  </div>

  <form method="post" action="'.SELF.'">
    <div class="input-group">
            <label for="username">Korisničko ime</label> <input type="text" id="username" name="username" value=""/>
    </div>
    <div class="input-group">
            <label for="password">Lozinka</label> <input type="password" id="password" name="password" value="" />
    </div>
            <input type="submit" class="btn" name="submit" value="Login" class="button"/>
  </form>
</body>
</html>';
exit; 
?>

My expectation: If the logged in user's name is not Leonx or INT then I would like the user to just get a message saying "You are not an Admin." and If the username is Leonx or INT then I would want to have the input fields of the from be displayed.

  • 写回答

1条回答 默认 最新

  • dslkchyv673627 2019-04-24 03:15
    关注

    if you need only Leonx or INT. change your filter like this

    if($userx != "Leonx" AND $userx != "INT")
    

    you just need to replace your || with AND

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥50 树莓派安卓APK系统签名
  • ¥15 maple软件,用solve求反函数出现rootof,怎么办?
  • ¥65 汇编语言除法溢出问题
  • ¥15 Visual Studio问题
  • ¥20 求一个html代码,有偿
  • ¥100 关于使用MATLAB中copularnd函数的问题
  • ¥20 在虚拟机的pycharm上
  • ¥15 jupyterthemes 设置完毕后没有效果
  • ¥15 matlab图像高斯低通滤波
  • ¥15 针对曲面部件的制孔路径规划,大家有什么思路吗