Determine the user's operation permissions through session

Customer request end--Index. Php:

 <?  PHP date_default_timezone_set ('Asia/Shanghai'); // set the correct time zone  ?>  <!  Doctype HTML public "-// W3C // dtd xhtml 1.0 transitional // en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"  >  <  Html  Xmlns  = "Http://www.w3.org/1999/xhtml"  >  <  Head >  <  Meta  HTTP-equiv  = "Content-Type"  Content  = "Text/html; charsets = UTF-8"   />  <  Title  > Untitled document </  Title  >  <  Script Type  = "Text/JavaScript"  >      Function  Check (form ){  //  You can directly access the form Element Based on the name in the form!          If  (Form. User. Value  =   ""  ) {Alert ( "  Enter User Name  "  ); Form. User. Focus ();  Return   False  ;}  If  (Form. pwd. Value  =   "" ) {Alert (  "  Enter Password  "  ); Form. User. Focus ();  Return   False  ;} Form. Submit ();}  </  Script  >  </ Head  >  <  Body  >      <  Form  Name  = "Form1"  Method  = "Post"  Action  = "Default. php"  >          <  Table  Width = "521"  Height  = "394"  Border  = "0"  Cellpadding  = "0"  Cellspacing  = "0"  >              <  Tr  >                  <  TD  Valign  = "TOP" Background  = "Image/login.jpg"  >                      <  Table  Width  = "521"  Border  = "0"  Cellspacing  = "0"  Cellpadding  = "0"  >                          <  Tr  >                             <  TD  Height  = "24"  Align  = "Right"  > User name: </  TD  >                              <  TD  Height  = "24"  Align  = "Left"  >                             <  Input  Type  = "Text"  Name  = "User"  ID  = "User"  Size  = "20"   />                              </  TD  >                          </  Tr  >                         <  Tr  >                              <  TD  Height  = "24"  Align  = "Right"  > Password: </  TD  >                              <  TD  >                              < Input  Type  = "Password"  Name  = "PWD"  ID  = "PWD"  Size  = "20"   />                              </  TD  >                          </  Tr  >                          < Tr  Align  = "Center"  >                              <  TD  Height  = "24"  Colspan  = "2"  >                              <  Input  Type  = "Submit"  Name  = "Submit" Value  = "Submit"  Onclick  = "Return check (form );"   /> <  Input  Type  = "Reset"  Name  = "Submit2"  Value  = "Refill"   />                              </  TD  >                                                      </ Tr  >                          <  Tr  >                              <  TD  Height  = "76"  Align  = "Right"  >                              <  Span  Class  = "Style1"  > Super User: tsoft<  BR  /> Password & Nbsp; Code 111 & Nbsp;  </  Span  >                              </  TD  >                              <  TD  > <  Span  Class = "Style1"  > Common User: ZTS <  BR  /> Password & Nbsp; Code: 000 </  Span  > </  TD  >                          </  Tr  >                      </  Table >                  </  TD  >              </  Tr  >          </  Table  >      </  Form  >  </  Body  >  </  Html > 

 

Server receiving and processing end--Default. Php :

 

<? PHP  Session_start  ();  $ _ Session ['User'] = $ _ Post ['User' ];  $ _ Session ['Pwd'] =$ _ Post ['Pwd' ]; ?> <? PHP  /*  To prevent other users from logging on to the system illegally. Verification required  */      If ( $ _ Session ['User'] = "") //  If the user name is blank, a prompt is displayed and the logon page is displayed.  {  Echo "<SCRIPT type = 'text/JavaScript '> alert ('Please log on to the system in the correct way! '); History. Back (); </SCRIPT>" ;} ?> <! Doctype htmlPublic "-// W3C // dtd xhtml 1.0 transitional // en" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <HTML xmlns = "http://www.w3.org/1999/xhtml">  Current User :& Nbsp; <! -- ---------------- Output the user level when logging on ------------------ --> <? PHP  If ( $ _ Session ['User'] = "tsoft "&& $ _ Session ['Pwd'] = "111" ){  Echo "Administrator ";} Else { Echo "Normal user" ;} ?> & Nbsp ;& Nbsp; </TD> <TD width = "70"> <a href = "default. PHP "> blog homepage </a> </TD> <TD width =" 70 "> | & nbsp; <a href =" default. PHP "> my Article </A> </TD> <TD width = "70"> | & nbsp; <a href = "default. PHP "> my album </a> </TD> <TD width =" 70 ">|& nbsp; <a href =" default. PHP "> music online </a> </TD> <TD width =" 70 "> | & nbsp; <a href =" default. PHP "> Change Password </a> </TD> <? PHP  If ( $ _ Session ['User'] = "tsoft "&& $ _ Session ['Pwd'] = "111 ") //  If the current user is an administrator  { ?> <! -- ------------------- If the current user is an administrator, the "user management" link ------------------ --> <TD width = "70" >|& nbsp; <a href = "default. PHP "> User management </a> </TD> <? PHP} ?> <TD width = "70" >|& nbsp; <a href = "safe. PHP "> log out of a user </a> </TD> </tr> </table> </body> 
 
 
 

 
 
 

 
Log out of the user page -- safe. php:
 

<? PHP  /*  Logout user page  */      Session_start (); // Initialize session      Unset ( $ _ Session ['User']); //  Delete user name session variable      Unset ( $ _ Session ['Pwd']); //  Delete password session Variables      Session_destroy (); //  Delete all session Variables      Header ("Location: index. php "); // Use the header () function to send the original HTTP header to the client. To go to the homepage logon page ?>