通过session判断用户的操作权限

客户请求端 --index.php :

<?php date_default_timezone_set('Asia/Shanghai'); // set the default time zone used by the date/time functions on this page ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>无标题文档</title>
<script type="text/javascript">
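    /**
     * Client-side convenience check for the login form.
     *
     * Alerts and focuses the first empty field and returns false so the
     * inline onclick handler cancels the submit; otherwise submits the form.
     * This only saves a round trip for honest users: a request can be sent to
     * the server without running this script, so the server must validate
     * the credentials itself.
     *
     * @param {HTMLFormElement} form - the login form; its fields are reached by their name attributes (user, pwd).
     * @returns {boolean|undefined} false when a field is empty, undefined after submitting.
     */
    function check(form)
    {
        // Form controls can be accessed directly through their name attribute.
        if (form.user.value == "")
        {
            alert("请输入用户名");
            form.user.focus();
            return false;
        }
        if (form.pwd.value == "")
        {
            alert("请输入密码");
            // Focus the field that is actually empty (the original focused the user name field here).
            form.pwd.focus();
            return false;
        }
        form.submit();
    }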
</script>
</head>

<body>
    <form name="form1" method="post" action="default.php">
        <table width="521" height="394" border="0" cellpadding="0" cellspacing="0">
            <tr>
                <td valign="top" background="image/login.jpg">
                    <table width="521" border="0" cellspacing="0" cellpadding="0">
                        <tr>
                            <td height="24" align="right">用户名:</td>
                            <td height="24" align="left">
                            <input type="text" name="user" id="user" size="20" />
                            </td>
                        </tr>
                        <tr>
                            <td height="24" align="right">密码:</td>
                            <td>
                            <input type="password" name="pwd" id="pwd" size="20" />
                            </td>
                        </tr>
                        <tr align="center">
                            <td height="24" colspan="2">
                            <input type="submit" name="Submit" value="提交" onclick="return check(form);" /><input type="reset" name="Submit2" value="重填" />
                            </td>                            
                        </tr>
                        <tr>
                            <td height="76" align="right">
                            <span class="style1">超级用户:tsoft<br />&nbsp;&nbsp;&nbsp;&nbsp;码:111&nbsp;&nbsp;</span>
                            </td>
                            <td><span class="style1">普通用户:zts<br />&nbsp;&nbsp;&nbsp;&nbsp;码:000</span></td>
                        </tr>
                    </table>
                </td>
            </tr>
        </table>
    </form>
</body>
</html>

 

服务器接收处理端 --default.php :

 

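<?php
    /*
     * default.php - receives the login form POST from index.php, records the
     * authenticated user and role in the session, and renders the navigation
     * bar according to that role.
     */
    session_start();

    // Demo accounts listed on the login page, mapped to their role.
    // NOTE(review): the passwords are plaintext only because this is a tutorial
    // with fixed demo accounts; a real application stores password_hash()
    // output and checks it with password_verify().
    $accounts = array(
        'tsoft' => array('pwd' => '111', 'role' => 'admin'),
        'zts'   => array('pwd' => '000', 'role' => 'user'),
    );

    // Only a POST from the login form may (re)authenticate. The navigation
    // links below load this page with GET; copying $_POST into the session on
    // every request would wipe the login on the first click.
    if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST')
    {
        // Accept plain strings only, so array-valued parameters (user[]=...) are rejected.
        $user = (isset($_POST['user']) && is_string($_POST['user'])) ? $_POST['user'] : '';
        $pwd  = (isset($_POST['pwd']) && is_string($_POST['pwd'])) ? $_POST['pwd'] : '';

        // A new login attempt always discards the previous identity.
        unset($_SESSION['user'], $_SESSION['role'], $_SESSION['pwd']);

        if (isset($accounts[$user]) && hash_equals($accounts[$user]['pwd'], $pwd))
        {
            // Issue a fresh session id on login so a pre-set id cannot be reused (session fixation).
            session_regenerate_id(true);
            // Store the identity and role only; the password never goes into the session.
            $_SESSION['user'] = $user;
            $_SESSION['role'] = $accounts[$user]['role'];
        }
    }

    /* Block visitors who did not log in with a valid account. */
    if (!isset($_SESSION['user']) || !isset($_SESSION['role']))
    {
        echo "<script type='text/javascript'>alert('请通过正确的途径登陆本系统!');history.back();</script>";
        // Stop here: without this the protected page below would still be sent.
        exit;
    }

    $isAdmin = ($_SESSION['role'] === 'admin');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>无标题文档</title>
</head>

<body>
    <table align="center" cellpadding="0" cellspacing="0">
        <tr align="center" valign="middle">
            <td style="width:140px; color:red;">
                当前用户:&nbsp;
                <!-- Show the role of the logged-in user -->
                <?php
                    echo $isAdmin ? "管理员" : "普通用户";
                ?>
                &nbsp;&nbsp;
            </td>
            <td width="70"><a href="default.php">博客首页</a></td>
            <td width="70">|&nbsp;<a href="default.php">我的文章</a></td>
            <td width="70">|&nbsp;<a href="default.php">我的相册</a></td>
            <td width="70">|&nbsp;<a href="default.php">音乐在线</a></td>
            <td width="70">|&nbsp;<a href="default.php">修改密码</a></td>
            <?php
                // Hiding the link is presentation only: the page behind an
                // admin-only link must check $_SESSION['role'] itself.
                if ($isAdmin)
                {
            ?>
            <!-- Administrators additionally get the "user management" link -->
            <td width="70">|&nbsp;<a href="default.php">用户管理</a></td>
            <?php
                }
            ?>
            <td width="70">|&nbsp;<a href="safe.php">注销用户</a></td>
        </tr>
    </table>
</body>
</html>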

 

 

注销用户页 --safe.php :

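<?php
    /* Logout page: tears down the current session and returns to the login form. */
    session_start();   // resume the session so it can be destroyed

    $_SESSION = array();   // drop every session variable

    // session_destroy() removes the server-side data but leaves the session
    // cookie in the browser; expire it so the old session id is not presented
    // again on the next request.
    if (ini_get("session.use_cookies"))
    {
        $params = session_get_cookie_params();
        setcookie(session_name(), '', time() - 42000,
            $params["path"], $params["domain"],
            $params["secure"], $params["httponly"]);
    }

    session_destroy(); // delete the server-side session data
    header("location:index.php");  // send a raw HTTP header that redirects to the login page
    exit;   // nothing after the redirect should run or be sent
?>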

 

 
