Are user-logged sessions processed before and after? After a system is created, an administrator logs on to the backend, and a common registered user logs on to the front-end. the sessions in the front-end and back-end are written in this way, and automatic logon is also performed, the condition is that you can only log on directly with a session. If (empty ($ _ SESSION [username]) & nbsp; & amp; & nbsp; empty ($ _ SESSION [uid]) {are user-logged sessions processed before and after?
A system is built, and an administrator logs on to the background;
Common registered users are logged on to the front-end;
The frontend and backend sessions I wrote are all written in this way, and automatic login is also performed, on the condition that only sessions can be logged in directly.
If (empty ($ _ SESSION ['username']) & empty ($ _ SESSION ['uid']) {
$ This-> error ("You have not logged on", U ("/Admin/Login/index"), 3 );
}
Then I found a problem. I registered a user at the front-end and logged on to the front-end. php recorded $ _ SESSION ['username'], and then I logged on to the backend, go directly to the background.
I know that I have a problem with this writing. what should I do?
In my opinion, the frontend and backend session names must be different,
For example, the front-end $ _ SESSION ['username _ INDEX']
$ _ SESSION ['username _ admin'] in the background, can it?
Share: More
------ Solution --------------------
We recommend that you do not circle your judgment logic.
Instead, add a permission word permit.
Set the front-end permission to 0 (because you do not have the permission word). The background permission is 1.
You only need to add a permission field to the user table and set the permission of the administrator to 1.
Log on to the server and save the permission to the session, for example, $ _ SESSION ['permit '].
If ($ permit = ($ permit & $ _ SESSION ['permit '])
$ Permit is required for layout
