且构网

Sharing the things programmers deal with in development...

Restricting pages from non-admin users (PHP & MySQL)

Updated: 2023-12-04 18:46:58

Store the user's role in a session variable:

$_SESSION["role"]=1;

$_SESSION["role"]=2; 

depending on the stored user information.

Then when you check the permissions, you just check this variable:

if($_SESSION["role"]==2){
  header('Location: ../admin/index.php');
} else {
  echo "you need the admin role to view this page!";
}

Another piece of advice: it would be better to check the permissions in ../admin/index.php itself and redirect back to the default page if the user does not have the admin role. Otherwise, users who know the URL might be able to browse directly to ../admin/index.php.
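
The check recommended above, placed at the top of ../admin/index.php itself, as an added example that is not part of the original answer. The `DEFAULT_PAGE` path and the function names `is_admin` and `require_admin` are assumptions; the role value 2 for admins is the one used above.

```php
<?php
// admin/index.php (added example; file layout and helper names are assumptions)
declare(strict_types=1);

const ROLE_ADMIN   = 2;              // role value used for admins in the text above
const DEFAULT_PAGE = '../index.php'; // hypothetical default page for non-admin users

/**
 * Pure check, reusable from every admin page.
 * A missing key or any value other than the integer 2 is rejected;
 * the strict comparison avoids PHP's loose-equality type juggling.
 */
function is_admin(array $session): bool
{
    return ($session['role'] ?? null) === ROLE_ADMIN;
}

/**
 * Stops the request unless the current session belongs to an admin.
 */
function require_admin(): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }

    if (!is_admin($_SESSION)) {
        header('Location: ' . DEFAULT_PAGE, true, 302);
        // header() only queues the redirect. Without exit the rest of
        // this script would still run and its output would be sent to
        // a client that simply ignores the Location header.
        exit;
    }
}

// Must run before any output and before any admin-only logic.
require_admin();

// ... admin-only content below this line ...
echo 'Admin dashboard';
```

Calling `require_admin()` as the first statement of every script under ../admin/ enforces the role on each request, regardless of which link or URL the user followed to get there.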