仅登录第一个用户错误

时间:2014-10-17 02:21:54

标签: mysql pdo php-5.5

我使用php 5.5和pdo创建登录代码。代码工作正常,但唯一的第一个用户是loged in I not not not know for why?例如,我的数据库表中有5个用户。当我登录第一个然后它去logedin但是当我尝试登录第二个或第三个然后它将显示一个错误消息,我设置不正确的数据登录。以下是我的登录代码...... 

<?php
session_start();
include 'conn.php';
try
{
    $user = $_POST['user'];
    $pass = $_POST['pass'];
    $remember=$_POST['remember'];
        $smt=$conn->prepare("SELECT * FROM signup");
        $smt->execute();
        $result=$smt->fetch(PDO::FETCH_OBJ);
        $prev=$result->Password;
    $usr=$result->Username;

        if(password_verify($pass,$prev)& $user===$usr)
        {
        // Set username session variable
        $_SESSION['user'] = $user;
        // Jump to secured page
        header('location:index.php');
    }


    else
    {

        header('location:signin.php');
        $_SESSION['login']="Incorrect username or password";
    }

    if($remember)
    {
        setcookie('remember-me',$user,time()+3600000);
        setcookie('remember-pass',$pass,time()+3600000);
        header('location:index.php');

    }
    else
    {
        setcookie('remember-me',$user,false);
        setcookie('remember-pass',$pass,false);


    }

}
catch(PDOException $e)
{
    throw new PDOException($e);
}

?>

提前致谢...

2 个答案:

答案 0 :(得分:0)

您错过了WHERE CLAUSE

SELECT * FROM signup WHERE Username = :user

将您的代码调整为以下内容:

$smt=$conn->prepare("SELECT * FROM signup WHERE Username =:user");
$smt->execute(array(':user'=>$user));

答案 1 :(得分:0)

请使用以下代码更新您的代码

<?php
session_start();
include 'conn.php';
try
{
    $user = $_POST['user'];
    $pass = $_POST['pass'];
    $remember=$_POST['remember'];
        $smt=$conn->prepare("SELECT * FROM signup WHERE username = '".$user."' AND password = '".$pass."' ");
        $smt->execute();
        $result=$smt->fetch(PDO::FETCH_OBJ);
        $prev=$result->Password;
    $usr=$result->Username;

        if(password_verify($pass,$prev)& $user===$usr)
        {
        // Set username session variable
        $_SESSION['user'] = $user;
        // Jump to secured page
        header('location:index.php');
    }


    else
    {

        header('location:signin.php');
        $_SESSION['login']="Incorrect username or password";
    }

    if($remember)
    {
        setcookie('remember-me',$user,time()+3600000);
        setcookie('remember-pass',$pass,time()+3600000);
        header('location:index.php');

    }
    else
    {
        setcookie('remember-me',$user,false);
        setcookie('remember-pass',$pass,false);


    }

}
catch(PDOException $e)
{
    throw new PDOException($e);
}

?>
相关问题
最新问题