我用PDO替换了我平庸的mysql_ *查询系统。但是,我的登录脚本停止工作。它必须是提取数据的问题,因为我的用户名已通过,但我的密码没有。
<?php
session_start();
include('config.php');
include('cipher.php');
$usercheck = $_POST["email"];
$passcheck = $_POST["pass"];
$stmt = $pdo->prepare('SELECT * FROM users WHERE email = :usercheck');
$stmt->execute(array(
':usercheck' => $usercheck
));
$num = $stmt->rowCount();
if ($num == 1) {
$bcrypt = new Bcrypt(15);
$record = $stmt->fetchAll();
$hash = $record['password'];
$isGood = $bcrypt->verify($passcheck, $hash);
if ($isGood == 1) {
$_SESSION['fname'] = $record['firstname'];
$_SESSION['lname'] = $record['lastname'];
$_SESSION['email'] = $record['email'];
$_SESSION['user'] = $record['email'];
$_SESSION['uid'] = $record['uid'];
$_SESSION['birthday'] = $record['birthday'];
$_SESSION['type'] = $record['pagetype'];
$_SESSION['backcolor'] = $record['backcolor'];
$_SESSION['barcolor'] = $record['barcolor'];
$_SESSION['activated'] = $record['activated'];
if ($_SESSION['activated'] == 0) {
$_SESSION['newemail'] = $record['email'];
unset($_SESSION['fname']);
unset($_SESSION['lname']);
unset($_SESSION['email']);
unset($_SESSION['user']);
unset($_SESSION['uid']);
unset($_SESSION['birthday']);
unset($_SESSION['type']);
unset($_SESSION['backcolor']);
unset($_SESSION['barcolor']);
header('Location: mustactivate.php');
} else {
if ($_SESSION['type'] == 1) {
header('Location: profile.php');
} else {
if ($_SESSION['type'] == 2) {
header('Location: mypage.php');
} else {
header('Location: setup.php');
}
}
}
} else
header('Location: login.php?error=badpass');
} else
header('Location: login.php?error=bademail');
?>
答案 0 :(得分:2)
$record = $stmt->fetchAll();
$hash = $record['password'];
fetchAll()方法返回一个行数组。所以不会有$record['password']。
尝试var_dump($record)向自己展示该变量中的内容。
要解决此问题,您可以使用$record[0]['password']。或者,如果您只需要一行,则可以使用$stmt->fetch()获取它。
答案 1 :(得分:1)
只是因为 fetchAll 会返回一个数组,所以请直接使用$record[0]代替$record:$record[0]['password']
或$record = $stmt->fetchAll();之后添加$record = $record[0];并将所有其余内容留给$record['field_name']