我正在用OOP PHP创建一个登录系统。
问题是在执行if...else
语句时,我检查电子邮件是否正确以及相应电子邮件的密码不正确。如果是这样,我显示错误密码不正确。
但是,if...else
语句未按预期工作。它不返回任何结果,即 NULL
.
登录.php
<?php
include('conn.php');
class Login extends Connection {
private $dbEmail;
private $dbPassword;
private $query;
public $emError;
public $paError;
public function loginFormHandler($email, $password) {
$this->query = $this->DB_CONN->prepare("SELECT `email`, `password` FROM `users` WHERE `email` = :email AND `password` = :password");
$this->query->bindParam(':email', $email);
$this->query->bindParam(':password', $password);
$this->query->execute();
while($row = $this->query->fetch(PDO::FETCH_ASSOC)) {
$this->dbEmail = $row['email'];
$this->dbPassword = $row['password'];
}
if ($this->dbEmail === $email && $this->dbPassword !== $password) {
$this->paError = 'Password Error';
}
}
public function errors() {
return array($this->emError, $this->paError);
}
}
这是索引.php
<?php
include('class/login.php');
$err = [];
if(isset($_POST['email']) && isset($_POST['password'])) {
$email = $_POST['email'];
$password = $_POST['password'];
if(!empty($email) && !empty($password)) {
$user = new Login;
$user->loginFormHandler($email, $password);
var_dump($err = $user->errors());
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Login Form</title>
</head>
<body>
<div class="form">
<form action="/oop/index.php" method="POST" accept-charset="UTF-8">
<label for="email">Email: </label><br>
<input type="email" name="email" required><br>
<?php if($err) {echo $err[0];} ?><br>
<label for="password">Password: </label><br>
<input type="password" name="password" required><br>
<?php if($err) {echo $err[1];} ?><br>
<input type="submit" value="Login">
</form>
</div>
</body>
</html>
如您所见,我正在数组中发送错误并显示相应的错误。
帮我解决这个问题。
只需检查行是否存在(如果存在(即可启动会话。否则重定向回并显示错误您可以通过fetchColumn()
检查行是否存在你的登录功能应该是这样的
public function loginFormHandler($email, $password) {
$this->query = $this->DB_CONN->prepare("SELECT `email`, `password` FROM `users` WHERE `email` = :email AND `password` = :password");
$this->query->bindParam(':email', $email);
$this->query->bindParam(':password', $password);
$res=$this->query->execute();
$num_rows = $res->fetchColumn();
if ($num_rows>0) {
$row = $this->query->fetch(PDO::FETCH_ASSOC);
echo "success";
//Do something
}
else{
echo 'email or password is not valid';
//or do something
}
}
如果您在代码中获取数据库中的电子邮件和密码,那么很明显密码永远不会出错(如果错误,则不会从 db = NULL 中获取任何内容(。你的代码是这样的:
class Login extends Connection {
private $email;
private $password;
private $query;
public $emError;
public $paError;
private function selectLogin(){
$this->query = $this->DB_CONN->prepare("SELECT `email`, `password` FROM `users` WHERE `email` = :email AND `password` = :password LIMIT 1");
$this->query->bindParam(':email', $this -> email);
$this->query->bindParam(':password', $this -> password);
$this->query->execute();
return $this->query->fetch(PDO::FETCH_ASSOC);
}
public function loginFormHandler($email, $password){
$this -> email = $email;
$this -> password = $password;
$result = $this -> selectLogin();
if(is_null($result)){
$this->emError = $this -> email;
$this->paError = 'Email or Password error';
} else {
// do something
}
}
public function errors() {
return array($this->emError, $this->paError);
}
}