我有一个简单的登录系统,在尝试获取行数时我什么也得不到,同样的方法一直用于工作,我不知道今天发生了什么。
代码:
<?php
class LoginClass {
public $User;
public $Pass;
public $Query;
function Init() {
$User = $this->User;
$Pass = $this->Pass;
if($User != '')
{
if($Pass != '')
{
$this->HashPass();
}
else
{
echo 'Please Enter A Password.';
}
}
else
{
echo 'Please Enter A Username or E-Mail.';
}
}
function HashPass() {
$Pass = $this->Pass;
$this->Pass = hash('sha256', $Pass);
$this->CheckUser();
}
function CheckUser() {
$User = $this->User;
if(!filter_var($User, FILTER_VALIDATE_EMAIL))
{
$this->Query = 'SELECT * FROM Users WHERE User = "'.$User.'" AND Pass = "'.$this->Pass.'"';
}
else
{
$this->Query = 'SELECT * FROM Users WHERE EMail = "'.$User.'" AND Pass = "'.$this->Pass.'"';
}
$this->CheckDB();
}
function CheckDB() {
$Query = $this->Query;
$Connect = new mysqli("127.0.0.1", "root", "", "Data");
$Stmt = $Connect->prepare($Query)
$Stmt->execute();
$Stmt->store_result();
echo $Stmt->num_rows;
$Stmt->close();
$Connect->close();
}
function SetupSession() {
echo 'Test';
}
}
SELECT * FROM Users WHERE User =“Test”AND Pass =“532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25”
我还检查了我的数据库,所有表都设置正确,没有密码。
答案 0 :(得分:0)
好的,需要比评论区域更多的空间,问题显然在这个块中:
function CheckDB() {
$Query = $this->Query;
$Connect = new mysqli("127.0.0.1", "root", "", "Data");
$Stmt = $Connect->prepare($Query)
$Stmt->execute();
$Stmt->store_result();
echo $Stmt->num_rows;
$Stmt->close();
$Connect->close();
}
我认为这是因为你没有将参数绑定到准备好的语句,你已经将它们包含在你早期的语句中。因此,您可能希望:
切换到未准备好的声明
这里的简单选项是切换到未准备好的声明。用以下内容替换您的块:
function CheckDB() {
$Query = $this->Query;
$Connect = new mysqli("127.0.0.1", "root", "", "Data");
$Stmt = $Connect->query($Query)
echo $Stmt->num_rows;
$Stmt->close();
$Connect->close();
}
这种方法需要注意:您需要在定义$User的块中清理用户输入,否则您将自己打开mysql注入。在该块中,更改此行:
$User = $this->User;
以下内容:
$User = mysql_real_escape_string($this->User);