我似乎不知道该怎么做。 我正在尝试获取用户的用户名和密码,并将其与数据库中的散列密码进行比较,以验证他们的凭据并登录。
这是代码:
session_start(); // Start Session
include 'db.php';
$dbh = new PDO("mysql:host=$dbhost;dbname=$database_name", $dbusername, $dbpasswd);
// Conver to simple variables
$username = $_POST['username'];
$password = $_POST['password'];
/*if((!$username) || (!$password)){
echo "Please enter ALL of the information! <br />";
include 'login.html';
exit();*/
//}
$sql = $dbh->prepare("SELECT * FROM users WHERE username=?");
$result = $sql->execute([$username]);
$users = $result->fetchAll();
// $sql = "SELECT * FROM users WHERE username = ?";
// $stmt = $dbh->prepare($sql);
// $result = $stmt->execute([$username]);
// $users = $result->fetchAll();
if (isset($users[0])) {
if (password_verify($password, $users[0]->password)) {
//Register some session variables!
session_register('email_address');
$_SESSION["username"] = $username;
$_SESSION["email_address"] = $email_address;
//session_register('special_user');
$_SESSION["user_level"] = $user_level;
mysql_query("UPDATE users SET last_login=now() WHERE userid='$userid'");
header("Location: daily_picks.php");
} else {
echo "Invalid Credentials";
include 'login.html';
}
} else {
echo "Invalid Credentials";
include 'login.html';
}
获取对成员函数 fetchAll() 的错误调用 在 . 中的非对象上。
你的对象是$sql
。
所以:
$result = $sql->execute([$username]);
$users = $result->fetchAll();
应该是:
$result = $sql->execute([$username]);
$users = $sql->fetchAll();
请注意,execute()
返回一个布尔值。