PDO数据库验证登录 - 这是最好的方法吗?

时间:2013-06-22 07:30:16

标签: php oop login pdo

使用小型网站的登录系统。 这是我的代码

<?php

/**
 * Description of Database
 * Database class using PDO and prepared statements
 *
 * @author me
 */
class Database{

    private $dsn = "";
    private $username = "";
    private $password = "";
    public $dbhandler;

    private static $instance;

    private function __construct() {
        try{

            $this->dbhandler = new PDO($this->dsn, $this->username, $this->password);

            /*** set the error mode to excptions ***/
            $this->dbhandler->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

        } catch(PDOException $exception){
            die($exception->getMessage());
        }

    }

    //singleton instance
    private static function getInstance(){
        if (!isset(self::$instance))
        {
            $object = __CLASS__;
            self::$instance = new $object;
        }
        return self::$instance;

    }


    /**
     * verifyLogin
     * 
     * function to verify login for users
     * 
     * @param string $username
     * @param string $password
     * 
     * @return void
     */
    private function verifyLogin($username, $password){
        $stmt = $this->dbhandler->prepare("SELECT * FROM users where username= :username AND password= :password");
        $stmt->bindParam(':username', $username, PDO::PARAM_STR,30);
        $stmt->bindParam(':password', $password, PDO::PARAM_STR, 15);

        $stmt->execute();

        $userid = $stmt->fetchColumn();
        if($userid==false){
            echo 'Unable to login';
        }
        else{
            /*** set the session user_id variable ***/
            $_SESSION['userid'] = $userid;

            /*** tell the user we are logged in ***/
            $message = 'You are now logged in';
            echo $message;
        }
    }

}
?>

在继续之前,我想知道它是否是使用PDO实现登录系统的最佳方式? 通常,是否需要维护与数据库的单个连接(在此处使用单例实例)?

0 个答案:

没有答案
相关问题
最新问题