这是我的代码
/*** check if the users is already logged in ***/
if(isset( $_SESSION['user_id'] ))
{
$message = 'Users is already logged in';
}
else
{
/*** if we are here the data is valid and we can insert it into database ***/
$username = filter_var($_POST['username'], FILTER_SANITIZE_STRING);
$password = filter_var($_POST['password'], FILTER_SANITIZE_STRING);
/*** now we can encrypt the password ***/
$password = sha1( $password );
try
{
$stmt = $dbh->prepare("SELECT user_id, username, password FROM users_tbl WHERE username = :username AND password = :password");
$stmt->bindParam(':username', $username, PDO::PARAM_STR);
$stmt->bindParam(':password', $password, PDO::PARAM_STR, 20);
$stmt->execute();
$user_id = $stmt->fetchColumn();
if($user_id == false)
{
$message = 'Login Failed';
}
else
{
$_SESSION['user_id'] = $user_id;
$message = 'You are now logged in';
}
}
catch(Exception $e)
{
$message = 'We are unable to process your request. Please try again later"';
}
}
?>
<html>
<head>
<title>Login process</title>
</head>
<body>
<p><?php echo $message; ?></p>
</body>
</html>
我在第16行和第17行出错了
$username = filter_var($_POST['username'], FILTER_SANITIZE_STRING);
$password = filter_var($_POST['password'], FILTER_SANITIZE_STRING);
有人可以帮助我