通过session判断用户的操作权限
test.php
<html>
<head>
<script language="javascript">
function check(form){
if(form.user.value==""){
alert("请输入用户名");
form.user.focus();
return false;
}
if(form.pwd.value==""){
alert("请输入密码");
form.pwd.focus();
return false;
}
form.submit();
}
</script>
</head>
<body>
<form name="form" method="post" action="test1.php">
<table width="521" height="394" border="0" cellpadding="0" cellspacing="0">
<tr>
<td valign="top" background="logo.jpg">
<table width="521" border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="262" height="218"> </td>
<td width="259"> </td>
</tr>
<tr>
<td height="24" align="right">用户名:</td>
<td headers="24" align="left"><input name="user" type="text" id="user" size="20"></td>
</tr>
<tr>
<td height="24" align="right">密 码:</td>
<td headers="24" align="left"><input type="password" name="pwd" id="pwd" size="20"></td>
</tr>
<tr align="center">
<td height="24" colspan="2"><input name="submit" type="submit" value="提交" onClick="return check(form);">
<input type="reset" value="重置" name="submit2"></td>
</tr>
<tr>
<td height="76" align="right"><span>超级用户:111<br>
密 码:111 </span></td>
<td height="76" align="right"><span> 普通用户:222<br>
密 码:222</span></td>
</tr>
</table>
</td>
</tr>
</table>
</body>
</html>
test2.php
<?php
session_start();
$_SESSION[user]=$_POST[user];
$_SESSION[pwd]=$_POST[pwd];
if($_SESSION[user]==""){
echo "<script language='javascript'>alert('请通过正规途径登录本系统!');history.back();</script>";
}
?>
<table align="center" cellpadding="0" cellspacing="0">
<tr align="center" valign="middle">
<td style="width:140px;color:red;">当前用户:
<!-----------------------输出当前登录的用户级别----------------------------->
<?php if($_SESSION[user]=="111" && $_SESSION[pwd]=="111"){echo "管理员";}else{echo "普通用户";}?>
</td>
<td width="70"><a href="test1.php">博客首页</a></td>
<td width="70">| <a href="test1.php">我的文章</a></td>
<td width="70">| <a href="test1.php">我的相册</a></td>
<td width="70">| <a href="test1.php">音乐在线</a></td>
<td width="70">| <a href="test1.php">修改密码</a></td>
<td width="70">| <a href="test2.php">注销用户</a></td>
<?php
if($_SESSION[user]=="111" && $_SESSION[pwd]=="111"){
?>
<!-----------------------如果用户当前是管理员,则输出”用户管理“链接--------------------------------------->
<td width="70">| <a href="test1.php">用户管理</a></td>
<?
}
?>
</tr>
</table>
test2.php
<?php
session_start();
unset($_SESSION[user]);
unset($_SESSION[pwd]);
session_destroy();
header("location:test.php");
?>