这是我查询使用codeigniter php框架查找存储在mysql数据库中的用户名和密码。
public function find_user($username,$password)
{
$sql = "SELECT *
FROM users_login
WHERE username = ? AND password = ?";
$query = $this->db->query($sql,array($username,md5($password)));
if($query->num_rows() == 1)
{
return TRUE;
}
else
{
return FALSE;
}
}
db的位置:id,username,password。有一些错误,因为它不能正常工作?
这是我的控制器。也许错误就在这里:
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
class Login extends CI_Controller
{
public function __construct()
{
parent::__construct();
$this->load->database(); /* This function it's used to connect to database */
$this->load->model('User','user'); /* This call the model to retrieve data from db */
}
public function index()
{
if(!file_exists('application/views/login.php'))
{
show_404();
}
$this->load->helper('form');
$this->load->library('form_validation');
$this->form_validation->set_rules('username','username','trim|required|xss_clean');
$this->form_validation->set_rules('password','password','trim|required|xss_clean|callback_check_pass');
if($this->form_validation->run() == FALSE)
{
$data['title'] = "User Access";
$this->load->view('login', $data);
}
else
{
$data['title'] = " ";
$this->load->view('/templates/index',$data);
}
}
public function pass_check($pass)
{
$username = $this->input->post('username');
$result = $this->user->find_user($username,$pass);
if($result)
{
return TRUE;
}
else
{
$this->form_validation->set_message('pass_check','Invalid username or password! Try Again, please!');
return FALSE;
}
}
}
答案 0 :(得分:1)
Mazzy,首先要记住这一点:
if($query->num_rows() == 1)
{
return TRUE;
}
else
{
return FALSE;
}
可以写成:
return $query->num_rows() == 1;
我对PHP / CodeIgniter首选语法了解不多,但它更紧凑(对我来说很舒服)。
现在,试着挖掘你的问题。对于DB中不存在的特定用户/密码组合,$query->num_rows()返回什么?
如果匹配某些内容(大于0),则应手动检查数据,并查看数据库中是否有与该用户/密码组合匹配的记录。