선택 유효성 검사 방법 옵션

Question

선택 옵션의 유효성을 검사하고 싶습니다. 같은 경우 사용자 선택 관리 후 관리자 로그인이 페이지 작업, 경우 사용자가 선택한 공급 업체 다음 공급 업체 로그인 이 페이지를 작업하는 경우 사용자가 사용자 선택 후 내가 로그인 할 수 있어요 지금 위해 userLogin

이 페이지 작업 실제로 내 선택 옵션을 사용하지 마십시오. 지금 내 선택 옵션이 작동하지 않습니다.

내 코드는 현재까지입니다. 내가 여기에 옵션을 선택 놓친이 코딩 뭔가에

<?php 
$debug = false; 
//$debug = true; 

require_once("/portal/scripts/backend.php"); 
//require_once("/portal/scripts/auditeventlog.php"); 
require_once("/portal/scripts/log.php"); 
require_once('/portal/scripts/define.php'); 
require_once('/portal/scripts/authentication.php'); 

AddLog("index.php","Start",ERR_DEBUG_HIGH); 
if($debug) $debug_string = "<pre>\n"; 

$wrong_user_passwd = false; 
$sid_file = '/portal/auth_info/manager.sid'; 
//$sid_file = '../manager.sid'; 

$exec_command = 'read-SystemConfig.xml'; 
//$filename = '../systemconfigdefault.xml'; 

$manager_sid = ''; 
$redirect_url = 'manager.php'; 

// Session will expire in $session_expire_time seconds. 
$session_expire_time = 1200; // 20 * 60 
$error_msg = ""; 

if(isset($_POST['uname'])) 
{ 
    //$conn = pg_connect("dbname=" .MGRCONFIG_DB_NAME. " user=" .MGRCONFIG_DB_USER); 
    $conn = pg_connect("host=".MGRCONFIG_DB_HOST." port=".MGRCONFIG_DB_PORT." dbname=".MGRCONFIG_DB_NAME. " user=" .MGRCONFIG_DB_USER." password=".MGRCONFIG_DB_PASSWORD); 
    if (!$conn) 
    { 
     AddLog("index.php","Could not connect to Database",ERR_DEBUG_HIGH); 
     $wrong_user_passwd=true; 
     $error_msg ='Error communicating to backend.'; 
    } 

    $query = "select username,password,userrole,emailaddress from users where username='".$_POST['uname']."' and password='".strtolower(md5($_POST['upass']))."'"; 
    AddLog("index.php",$query,ERR_DEBUG_HIGH); 
    $result = pg_query($conn,$query); 
    if($row = pg_fetch_array($result)) 
    { 
     session_start(); 
     $rand1=rand(100000,900000); 
     $rand2=rand(100000,900000); 

     $user_sesion_id=$rand1.md5($_POST['uname']).time().$rand2; 
     AddLog("manager_index.php","session[user_sesion_id] : ".$user_sesion_id,ERR_DEBUG_HIGH); 

     $_SESSION['user_sesion_id'] = $user_sesion_id; 
     $_SESSION['user_name'] = $_POST['uname']; 
     $_SESSION['user_email']=$row[3]; 
     $_SESSION['user_status'] = 'OK'; 
     $_SESSION['user_password_date'] = $user_info->passwd_date; 
     $_SESSION['user_credential'] = 2; 
     $_SESSION['user_credential_time'] = time(); 
     $_SESSION['user_credential_expiry'] = $session_expire_time; 
     unset($_SESSION['kpsadminuser']); 
     //Bug Fix 5087 
     $_SESSION['random_number'] = rand(1000000,3000000); //range has been choosen arbitrary 

     //user role permissions 
    header('Location: ui/mainframeUI.php'); 
     exit; 
    } 
    else 
    { 
     $wrong_user_passwd = true; 
     $error_msg ='Incorrect username/password.'; 

    } 
} 
if(isset($_POST['uname'])) 
{ 
    $query = "select username,password from users_registration where username='".$_POST['uname']."' and password='".$_POST['upass']."'"; 
    AddLog("index.php",$query,ERR_DEBUG_HIGH); 
    $result = pg_query($conn,$query); 
    if($row = pg_fetch_array($result)) 
    { 
     session_start(); 
     $rand1=rand(100000,900000); 
     $rand2=rand(100000,900000); 

     $user_sesion_id=$rand1.md5($_POST['uname']).time().$rand2; 
     AddLog("manager_index.php","session[user_sesion_id] : ".$user_sesion_id,ERR_DEBUG_HIGH); 

     $_SESSION['user_sesion_id'] = $user_sesion_id; 
     $_SESSION['user_name'] = $_POST['uname']; 
     $_SESSION['user_email']=$row[3]; 
     $_SESSION['user_status'] = 'OK'; 
     $_SESSION['user_password_date'] = $user_info->passwd_date; 
     $_SESSION['user_credential'] = 2; 
     $_SESSION['user_credential_time'] = time(); 
     $_SESSION['user_credential_expiry'] = $session_expire_time; 
     unset($_SESSION['kpsadminuser']); 
     //Bug Fix 5087 
     $_SESSION['random_number'] = rand(1000000,3000000); //range has been choosen arbitrary 

     //user role permissions 
     $query = "select userrole,guid from users where username='".$_SESSION['user_name']."'"; 
     //AddLog("manager_index.php","query : ".$query,ERR_DEBUG_HIGH); 
     $result2 = pg_query($conn,$query); 
     if($row2 = pg_fetch_array($result2)) 
     { 
      $userrole = $row2[0]; 
      $user_guid = $row2[1]; 
     } 

     header('Location: ui/mainframeUI2.php'); 
     exit; 
    } 
    else 
    { 
     $wrong_user_passwd = true; 
     $error_msg ='Incorrect username/password.'; 

    } 
} 
if(isset($_POST['uname'])) 
{ 

    $query = "select email,pass from vendor_registration where email='".$_POST['uname']."' and pass='".$_POST['upass']."'"; 
    AddLog("index.php",$query,ERR_DEBUG_HIGH); 
    $result = pg_query($conn,$query); 
    if($row = pg_fetch_array($result)) 
    { 
     session_start(); 
     $rand1=rand(100000,900000); 
     $rand2=rand(100000,900000); 

     $user_sesion_id=$rand1.md5($_POST['uname']).time().$rand2; 
     AddLog("manager_index.php","session[user_sesion_id] : ".$user_sesion_id,ERR_DEBUG_HIGH); 

     $_SESSION['user_sesion_id'] = $user_sesion_id; 
     $_SESSION['user_name'] = $_POST['uname']; 
     $_SESSION['user_email']=$row[3]; 
     $_SESSION['user_status'] = 'OK'; 
     $_SESSION['user_password_date'] = $user_info->passwd_date; 
     $_SESSION['user_credential'] = 2; 
     $_SESSION['user_credential_time'] = time(); 
     $_SESSION['user_credential_expiry'] = $session_expire_time; 
     unset($_SESSION['kpsadminuser']); 
     //Bug Fix 5087 
     $_SESSION['random_number'] = rand(1000000,3000000); //range has been choosen arbitrary 

     //user role permissions 
     header('Location: ui/mainframeUI2.php'); 
     exit; 
    } 
    else 
    { 
     $wrong_user_passwd = true; 
     $error_msg ='Incorrect username/password.'; 

    } 
} 
?> 
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 
<html xmlns="http://www.w3.org/1999/xhtml"> 
<head> 
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> 
<!--<link rel="stylesheet" type="text/css" href="../css/css-reset.css"/> 
<link rel="stylesheet" type="text/css" href="../css/default.css"/> 
<link rel="stylesheet" type="text/css" href="../css/login-layout.css"/>--> 
<link rel="stylesheet" type="text/css" href="ui/styles/css-reset.css"/> 
<link rel="stylesheet" type="text/css" href="ui/styles/default.css"/> 
<link rel="stylesheet" type="text/css" href="ui/styles/login-layout.css"/> 
<style type="text/css"> 
html, body { 
    background:url(ui/images/body_bg.png); 
} 
#login_frm_wrapper { 
    width:400px; 
    height:220px; 
    position:absolute; 
    left:50%; 
    top:50%; 
    margin-left:-200px; 
    margin-top:-110px; 
    border:#036 dashed 1px; 
} 
</style> 
<script type="text/javascript"> 
function SetFocus() 
{ 
    document.getElementById('uname').focus(); 
} 

</script> 
<title>CloudSLA Manager - Login</title> 
</head> 
<body onload="SetFocus();"> 
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>"> 
<div id="login_frm_wrapper"> 
    <div class="login_box"> 
    <div class="login_label"><img src="ui/images/sla-logo.png" /></div> 
    <div class="message_info" id="info"> 
     <table border="0" cellpadding="0" cellspacing="0" width="100%" height="100%"> 
     <tr> 
      <td style="height:100%; width:100%; vertical-align:middle; padding-left:5px;"><span id="login_details">Please enter your username &amp; password to login.</span></td> 
     </tr> 
     </table> 
    </div> 

    <table class="login_table" width="100%" border="0" cellspacing="0" cellpadding="0"> 
     <tr> 
     <td style="width:30%;">Username</td> 
     <td style="width:70%;"><input name="uname" id="uname" type="text" /></td> 
     </tr> 
     <tr> 
     <td style="width:30%;">Password</td> 
     <td style="width:70%;"><input name="upass" id="upass" type="password" /></td> 
     </tr> 
     <tr> 
     <td style="width:30%;">Login Type</td> 
     <td style="width:70%;"> 

     <select name="usertype"> 
     <option value="Admin">Admin</option> 
     <option value="Vendor">Vendor</option> 
     <option value="User">User</option> 
     </select> 

     </td> 
     </tr> 
     <tr> 
     <td colspan="2" style="text-align:right; padding-right:5px;"><input type="submit" class="login_button" name="login" value="Login" /></td> 
     </tr> 
    </table> 
    </div> 
</div> 
</form> 
<script type="text/javascript"> 
<?php 
session_start(); 
if(isset($_SESSION['perror']) && strlen(trim($_SESSION['perror']))!=0) 
{ 
    $pieces = explode(":|:", $_SESSION['perror']); 
    $error_msg=$pieces[2]; 
    echo "document.getElementById(\"info\").className=\"message_alert\";"; 
    echo "document.getElementById(\"login_details\").innerHTML='".$error_msg."'"; 
    unset($_SESSION['perror']); 
} 
else if($wrong_user_passwd) 
{ 
    echo "document.getElementById(\"info\").className=\"message_alert\";"; 
    echo "document.getElementById(\"login_details\").innerHTML='".$error_msg."'"; 
} 
else 
{ 
    $error_msg='Please enter your username &amp; password to login.'; 
    echo "document.getElementById(\"info\").className=\"message_info\";"; 
    echo "document.getElementById(\"login_details\").innerHTML='".$error_msg."'"; 
} 
?> 
</script> 
</body> 
</html> 

: -

<select name="usertype"> 
    <option value="Admin">Admin</option> 
    <option value="Vendor">Vendor</option> 
    <option value="User">User</option> 
    </select> 

Answer 1

내가 질문을 이해 있는지 확실하지 않습니다,하지만 내가 볼 것은 이것이다 : 당신이 사용하지 않는 usertype 어디서든 PHP 코드에 있습니다. 당신은 당신의 세션

$_SESSION['user_name'] = $_POST['uname']; 

에 사용자 이름을 저장하고 있지만, 유저 유형 사용되지 않습니다 (느릅 나무는 $_POST['usertype']을해야한다), 그래서이 작동하지 않는 이유가 될 수 있습니다.

PS : $_POST['upass']도 실제로 사용되지는 않지만 일부 로그 메시지에 게시됩니다.하지만이 누락 된 코드는 authentication.php 또는 다른 필수 파일 중 하나에있을 수 있습니다. 불행히도 당신은 그 파일들로부터 당신의 코드의 관련 부분들을 게시하지 않았기 때문에, 여기에서 틀린 것을 말하기는 정말로 어렵습니다.