Warum ist mein 2-Konto gleichzeitig angemeldet?

Question

Ich habe 2 anmelden, eine für Admin-Tabelle und die andere ist für Kassierer Tisch. Also, was gerade passiert ist, wann immer ich mich in eines von ihnen einlogge, dann protokolliert das andere auch, wenn ich es auffrische. Gleiches gilt, wenn ich mich abmelde, wenn ich mich im Admin abmelde und dann den Kassierer auffrische, wird der Kassierer ebenfalls abgemeldet. I dont wissen, was falsch in meinen Codes ist.

P.S. Die zwei Tabellen befinden sich nur in einer Datenbank. Aber ich nicht in für 2 log seine Notwendigkeit 2 Datenbank denken.

Dies ist der Code index.php für admin_tbl

<?php 
/** *index.php **/ 
session_unset(); 
session_start(); 
require_once 'includes/database.php'; 
$error = ''; 
if (isset($_POST['login'])) 
{ 
$uname = $_POST['username']; 
$pword = $_POST['password']; 
$sql = "SELECT * FROM admin_tbl WHERE uname='$uname' AND pword='$pword' LIMIT 1"; 
$result = mysqli_query(connection(), $sql); 
$user = mysqli_fetch_array($result, MYSQLI_BOTH); 
if ($user) 
{ 
$_SESSION['user_id'] = $user['id']; $_SESSION['name'] = $user['lastname'] . ', ' . $user['firstname']; 
header("Location: user_maintenance.php"); 
} 
else 
    echo '<script language="javascript">'; 
    echo 'alert("Account does not exist!")'; 
    echo '</script>'; 
} 
if (isset($_SESSION['user_id'])) 
{ 
    header("Location: user_maintenance.php"); 
    } 

    ?> 
    <html> 
    <head> 
    <title>Log In</title> 
    <meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=no"> <link href="css/bootstrap.css" rel="stylesheet"> <link href="css/style.css" rel="stylesheet"> 
    <!-- jQuery (necessary for Bootstrap's JavaScript plugins) --> 
    <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js"> </script> 
    <!-- Include all compiled plugins (below), or include individual files as needed --> 
    <script src="js/bootstrap.min.js"></script> 
    <style type="text/css"> 
    body { 

    background:url(images/jerica.jpg)fixed no-repeat center; 
    background-size:cover; 
    font-family: 'helvetica','Source Sans Pro', sans-serif; 
    color: ; 
    font-weight: 300; 
     padding-top: 110px; 
     } 
    .navbar { 
      background-color: #0A3D73; 
      } 
    .navbar-brand { 
    height: 100px; 
    line-height: 70px; 
    color: #fff !important; 
    } 
    .footer { 
    width: 100%; 
    position: absolute; 
    bottom: 20px; 
    } 
    .newtext{ 
     color: grey; 
    } 
    @media (max-width: 367px){ 
    .login-form { 
     margin-top: 5px; 
     } 
      } 
     </style> 
     </head> 
     <body> 
     <div class="container"> 
     <div class="row"> 
     <div class="col-sm-4 col-sm-offset-4 well login-form" style="margin-top:40px; background:rgba(0,0,0,0.65);"> <form action="" method="post" class="form-horizontal" role="form"> 
     <h1 class = "newtext"><center>Login</center></h1> 
     <?php if ($error != ''): ?> 
     <div class="alert alert-danger alert-dismissible" role="alert"> 
     <button type="button" class="close" data-dismiss="alert" aria-label="Close"> <span aria-hidden="true">&times;</span></button> 
     <?= $error ?> 
     </div> 
     <?php endif; ?> 
     <div class="form-group col-sm-12"> <div class="input-group"> <span class="input-group-addon"><i class="glyphicon glyphicon-user"></i></span> 
     <input type="text" name="username" class="form-control" placeholder="Username" required> 
     </div> 
     </div> 
     <div class="form-group col-sm-12"> 
     <div class="input-group" style="padding-bottom: 10px"> <span class="input-group-addon"> <i class="glyphicon glyphicon-lock"></i></span> 
     <input type="password" name="password" class="form-control" placeholder="Password" required> 
     </div> 
     </div> 
     <input type="hidden" name="student" value="student"> 
     <div class="form-inline"> 
     <center><button class="btn btn-primary" type="submit" name="login"> Log In</button> 
     </form> 
     </div> 
     </div> 
     </div> 
     </body> 
     </html> 

Und dies ist der Code von index.php für cashier_tbl

<?php 
/** *index.php **/ 
session_unset(); 
session_start(); 
require_once 'includes/database.php'; 
$error = ''; 
if (isset($_POST['login'])) 
{ 
$uname = $_POST['username']; 
$pword = $_POST['password']; 
$sql = "SELECT * FROM cashier_tbl WHERE uname='$uname' AND pword='$pword' LIMIT 1"; 
$result = mysqli_query(connection2(), $sql); 
$user = mysqli_fetch_array($result, MYSQLI_BOTH); 
if ($user) 
{ 
$_SESSION['user_id'] = $user['id']; $_SESSION['name'] = $user['lastname'] . ', ' . $user['firstname'] . ' ' . $user['middlename']; 
header("Location: order.php"); 
} 
else 
    echo '<script language="javascript">'; 
    echo 'alert("Account does not exist!")'; 
    echo '</script>'; 
} 
if (isset($_SESSION['user_id'])) 
{ 
    header("Location: order.php"); 
    } 

    ?> 
    <html> 
    <head> 
    <title>Log In</title> 
    <meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=no"> <link href="css/bootstrap.css" rel="stylesheet"> <link href="css/style.css" rel="stylesheet"> 
    <!-- jQuery (necessary for Bootstrap's JavaScript plugins) --> 
    <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js"> </script> 
    <!-- Include all compiled plugins (below), or include individual files as needed --> 
    <script src="js/bootstrap.min.js"></script> 
    <style type="text/css"> 
    body { 

    background:url(images/jerica.jpg)fixed no-repeat center; 
    background-size:cover; 
    font-family: 'helvetica','Source Sans Pro', sans-serif; 
    color: ; 
    font-weight: 300; 
     padding-top: 110px; 
     } 
    .navbar { 
      background-color: #0A3D73; 
      } 
    .navbar-brand { 
    height: 100px; 
    line-height: 70px; 
    color: #fff !important; 
    } 
    .footer { 
    width: 100%; 
    position: absolute; 
    bottom: 20px; 
    } 
    .newtext{ 
     color: grey; 
    } 
    @media (max-width: 367px){ 
    .login-form { 
     margin-top: 5px; 
     } 
      } 
     </style> 
     </head> 
     <body> 
     <div class="container"> 
     <div class="row"> 
     <div class="col-sm-4 col-sm-offset-4 well login-form" style="margin-top:40px; background:rgba(0,0,0,0.65);"> <form action="" method="post" class="form-horizontal" role="form"> 
     <h1 class = "newtext"><center>Login</center></h1> 
     <?php if ($error != ''): ?> 
     <div class="alert alert-danger alert-dismissible" role="alert"> 
     <button type="button" class="close" data-dismiss="alert" aria-label="Close"> <span aria-hidden="true">&times;</span></button> 
     <?= $error ?> 
     </div> 
     <?php endif; ?> 
     <div class="form-group col-sm-12"> <div class="input-group"> <span class="input-group-addon"><i class="glyphicon glyphicon-user"></i></span> 
     <input type="text" name="username" class="form-control" placeholder="Username" required> 
     </div> 
     </div> 
     <div class="form-group col-sm-12"> 
     <div class="input-group" style="padding-bottom: 10px"> <span class="input-group-addon"> <i class="glyphicon glyphicon-lock"></i></span> 
     <input type="password" name="password" class="form-control" placeholder="Password" required> 
     </div> 
     </div> 
     <input type="hidden" name="student" value="student"> 
     <div class="form-inline"> 
     <center><button class="btn btn-primary" type="submit" name="login"> Log In</button> 
     </form> 
     </div> 
     </div> 
     </div> 
     </body> 
     </html> 

UPDATE: Danke Jungs! Es hilft mir.

Answer 1

Weil Sie die gleiche Sitzungsvariable verwenden.
Verwenden Sie unterschiedliche Sitzungsvariablen für verschiedene Anmeldungen.

Answer 2

Verwenden Sie eine Sitzungsvariable für Benutzer und eine für Kassierer. So

$_SESSION['admin_logged_in'] 

und

$_SESSION['cashier_logged_in'] 

oder etwas ...

(Lesen Sie auch diese http://php.net/manual/en/security.database.sql-injection.php)