我的查询问题没有在我的登录类的嵌套尝试中执行。 基本上脚本会记录用户,然后检查用户是否选择了#34;记住我",在这种情况下,它应该创建一个cookie,并在cookie和数据库中保存生成的值,然后检查以后访问该网站。为了测试目的,我将这个密钥的加密破解了(它基本上只是将电子邮件保存为令牌,这仅用于测试目的)。
但查询没有解雇。我尝试使用和不使用嵌套的try语句,并报告各种错误,但它只是忽略查询并正确创建cookie。
public function login($email, $password, $remember = false) {
global $bcrypt; // Again make get the bcrypt variable, which is defined in init.php, which is included in login.php where this function is called
$query = $this->db->prepare("SELECT password, id FROM users WHERE email = ?");
$query->bindValue(1, $email);
try{
$query->execute();
$data = $query->fetch();
$stored_password = $data['password']; // stored hashed password
$id = $data['id']; // id of the user to be returned if the password is verified, below.
if($bcrypt->verify($password, $stored_password) === true){ // using the verify method to compare the password with the stored hashed password.
// Check if user wants account to be saved in cookie
if($remember)
{
// Generate new auth key for each log in (so old auth key can not be used multiple times in case of cookie hijacking).
$cookie_auth = $email;
$auth_key = $cookie_auth;
$auth_query = $this->db->prepare("UPDATE users SET auth_key = ? WHERE email = ?");
$auth_query->bindValue(1, $auth_key);
$auth_query->bindValue(2, $email);
try{
$auth_query->execute();
setcookie("auth_key", $auth_key, time() + 60 * 60 * 24 * 7, "/", "touringlegends.com", false, true);
}catch(PDOException $e){
die($e->getMessage());
}
}
return $id; // returning the user's id.
}else{
return false;
}
}catch(PDOException $e){
die($e->getMessage());
}
}