你好每个人都喜欢标题说我已经知道这个错误我想知道为什么以及如何。我也想了解。在这里我的代码:
<div align = "center">
<form action = 'connection.php' method="post">
<p> Entrer vos informations </p>
<label for="usrUserName">Votre code d'usager </label> <input
id="usrUserName" name="usrUserName" /><br />
<label for="usrPassword">Votre mot de passe </label> <input
id="usrPassword" name="usrPassword" type="password" /><br />
<input type="submit" value="connection" />
</form>
for my connection.php
<?php
//hash md5
$salt= MD5("00Salt02");
if (isSet($_POST['usrUserName']) AND isSet ($_POST['usrPassword']))
{
// hash to sha256
$pass_hache = hash("sha256", ($salt + $_POST['usrPassword']));
echo base64_encode($pass_hache);
$mysqli = new mysqli($host_name,$user_name,$pass_word, $database_name);
if ($mysqli->connect_errno)
{
echo "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error;
}
//select my user and pass
$req = $mysqli->prepare('SELECT * FROM users WHERE usrUserName = :usrUserName AND usrPassword = :usrPassword');
$req->execute(array('usrUserName' => $_POST['usrUserName'], 'usrPassword' => $pass_hache));
$resultat = $req->fetch();
//if is not the result
if (!$resultat)
{
$_SESSION['usrUserName'] = $_POST['usrUserName'];
echo 'Mauvais identifiant ou mot de passe !';
//return button
?>
<form action = 'login.php' method="post">
<input type="submit" value="retour" />
</form>
<?php
}
else {
//connected hooray!
session_start();
$_POST['usrUserName'] = $resultat['numero'];
echo 'Vous etes connecté !';
}
}
else
{
echo 'ERROR!';
}
?>
有什么想法吗?
答案 0 :(得分:1)
尝试这种方式:
$req = $mysqli->prepare('SELECT * FROM users WHERE usrUserName = ? AND usrPassword = ?');
$req->bind_param("ss", $_POST['usrUserName'], $pass_hache);
$req->execute();
答案 1 :(得分:0)
这就是你应该做的事情
$req->bind_param('usrUserName', $_POST['usrUserName']);
$req->bind_param('usrPassword', $pass_hache));
$req->execute();