我遇到以下问题的问题。我希望用户使用他们的用户名或电子邮件登录。当我使用用户名时它工作得很好但是当我使用电子邮件时我即使密码错误也可以登录。
public function can_login(){
$user_mail = $this->input->post('user_mail');
$this->db->where('email =', $user_mail);
$this->db->or_where('username =', $user_mail);
$this->db->where('password',md5($this->input->post('password')));
$this->db->where('status =', 'registered');
$query=$this->db->get('user');
if($query->num_rows()== 1) {
return true;
} else {
return false;
}
}
答案 0 :(得分:3)
试试这个
$this->db->where("email = '$user_mail' or username = '$user_mail'");
$this->db->where('password', md5($this->input->post('password')));
$this->db->where('status', 'registered');
$query=$this->db->get('user');
答案 1 :(得分:0)
您可以像这样使用CodeIgniter Query Binding:
更改:
$this->db->where('email =', $user_mail);
$this->db->or_where('username =', $user_mail);
$this->db->where('password',md5($this->input->post('password')));
$this->db->where('status =', 'registered');
$query=$this->db->get('user');
要
$sql = "SELECT * FROM user WHERE (email = ? OR username = ?) AND password = ? AND status = 'registered' LIMIT 1";
$query = $this->db->query($sql, array($user_mail, $user_mail, md5($this->input->post('password')));
答案 2 :(得分:0)
public function can_login(){
$user_mail = $this->input->post('user_mail');
$password= MD5($this->input->post('password'));
$this->db->select('username,email,password');
$this->db->where("(email = '$user_mail' OR username = '$user_mail') AND password = '$password' AND status = 'registered'");
$query=$this->db->get('user');`
if($query->num_rows()== 1)
{
return true;
}else
{
return false;
}
}