PDO登录 - 将用户级别添加到会话

时间:2014-08-22 07:39:31

标签: php pdo

我需要在登录时从数据库添加用户级别,不幸的是我做错了因为它根本不工作。我的代码如下:

 public $username = null;
 public $password = null;
 public $salt = "Zo4rU5Z1YyKJAASY0PT6EUg7BBYdlEhPaNLuxAwU8lqu1ElzHv0Ri7EM6irpx5w";

 public function __construct( $data = array() ) {
     if( isset( $data['username'] ) ) $this->username = stripslashes( strip_tags( $data['username'] ) );
     if( isset( $data['password'] ) ) $this->password = stripslashes( strip_tags( $data['password'] ) );
 }

 public function storeFormValues( $params ) {
    //store the parameters
    $this->__construct( $params ); 
 }

登录功能

 public function userLogin() {
     $success = false;
     try{
        $con = new PDO( DB_HOST, DB_USER, DB_PASS ); 
        $con->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
        $sql = "SELECT * FROM users WHERE username = :username AND password = :password LIMIT 90";

        $stmt = $con->prepare( $sql );
        $stmt->bindValue( "username", $this->username, PDO::PARAM_STR );
        $stmt->bindValue( "password", hash("sha256", $this->password . $this->salt), PDO::PARAM_STR );
        $stmt->execute();

        $valid = $stmt->fetchColumn();
        $_SESSION['username'] = $this->username;
        $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
        $_SESSION['level'] = $rows[0]['userID'];
        $_SESSION['id'] = "6";
        if( $valid ) {
            $success = true;
        }
        $con = null;
        return $success;
     }catch (PDOException $e) {
         echo $e->getMessage();
         return $success;
     }
 }

Sumary
我需要什么:当用户登录时,从数据库表中获取他的级别并将其添加到$ _SESSION [' level']
我得到了什么错误:我没有得到任何错误,会话级别被清空了 问题在哪里:说实话我不知道,没有收到任何错误,所以我不知道我做错了所以我希望得到一些建议或解释

print_r of my $_SESSION:

Array ( [username] => michal [id] => 6 [loggedin] => 1 [level] => )

1 个答案:

答案 0 :(得分:0)

在编写会话之前,您应首先启动它:

session_start();

您应该使用fetch()因为它是一行。

$stmt->execute();

if($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
    session_start();
    $_SESSION['username'] = $this->username;
    $_SESSION['level'] = $row['userID'];
    $_SESSION['id'] = "6";
    return true;
}

 public function userLogin() {
     try{
        $con = new PDO( DB_HOST, DB_USER, DB_PASS ); 
        $con->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
        $sql = "SELECT * FROM users WHERE username = :username AND password = :password LIMIT 90";
        $stmt = $con->prepare( $sql );
        $stmt->bindValue( "username", $this->username, PDO::PARAM_STR );
        $stmt->bindValue( "password", hash("sha256", $this->password . $this->salt), PDO::PARAM_STR );
        $stmt->execute();

        if($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
            session_start();
            $_SESSION['username'] = $this->username;
            $_SESSION['level'] = $row['userID'];
            $_SESSION['id'] = "6";
            return true;
        }else{
            return false;
        }
        $con = null;
        return $success;
     }catch (PDOException $e) {
         echo $e->getMessage();
         return false;
     }
 }
相关问题
最新问题