所以这是交易。我想为我的Web应用程序创建登录屏幕,但似乎我坚持在我的数据库中访问表(korisnici)。
当我尝试登录时,我一直收到这行文字:
致命错误: 未捕获的异常' PDOException'消息' SQLSTATE [HY093]:参数号无效:参数未定义'
这是我的代码:
<?php
session_start();
// sadrži podatke potrebne za spajanje na bazu
define('DB_HOST', 'localhost'); // naziv servera - najčešće nije potrebno mijenjati ako je server lokalni
define('DB_NAME', 'razvrstane_ceste'); // naziv baze
define('DB_USER', 'razvrstane'); // korisnik za spajanje
define('DB_PASS', 'razvrstane'); // lozinka baze
//PDO Database Connection
try {
$databaseConnection = new PDO('mysql:host='.DB_HOST.';dbname='.DB_NAME.';charset=utf8', DB_USER, DB_PASS );
$databaseConnection->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch(PDOException $e) {
echo 'ERROR: ' . $e->getMessage();
}
//PDO Database Connection
if(isset($_POST['submit'])){
$errMsg = '';
//ime and password sent from Form
$ime = trim($_POST['ime']);
$lozinka = trim($_POST['lozinka']);
if($ime == '')
$errMsg .= 'You must enter your Username<br>';
if($lozinka == '')
$errMsg .= 'You must enter your Password<br>';
if($errMsg == ''){
$records = $databaseConnection->prepare('SELECT id,ime,lozinka FROM korisnici WHERE lozinka = :lozinka');
$records->bindParam(':ime', $ime);
$records->execute();
$results = $records->fetch(PDO::FETCH_ASSOC);
if(count($results) > 0 && password_verify($lozinka, $results['lozinka'])){
$_SESSION['ime'] = $results['ime'];
header('location:razvrstane_ceste.php');
exit;
}else{
$errMsg .= 'Username and Password are not found<br>';
}
}
}
?>
<html>
<head><title>Login Page PHP Script</title></head>
<body>
<div align="center">
<div style="width:300px; border: solid 1px #006D9C; " align="left">
<?php
if(isset($errMsg)){
echo '<div style="color:#FF0000;text-align:center;font-size:12px;">'.$errMsg.'</div>';
}
?>
<div style="background-color:#006D9C; color:#FFFFFF; padding:3px;"><b>Login</b></div>
<div style="margin:30px">
<form action="" method="post">
<label>Korisnik :</label><input type="text" name="ime" class="box"/><br /><br />
<label>Zaporka :</label><input type="password" name="lozinka" class="box" /><br/><br />
<input type="submit" name='submit' value="Submit" class='submit'/><br />
</form>
</div>
</div>
</div>
</body>
</html>
答案 0 :(得分:1)
使用:lozinka
$records->bindParam(':ime', $ime);
需要
$records->bindParam(':lozinka', $ime);
或者更改prepare语句中的参数。
答案 1 :(得分:1)
这是因为您提供了错误的占位符和绑定值与其他
if($errMsg == ''){
$records = $databaseConnection->prepare('SELECT id,ime,lozinka FROM korisnici WHERE lozinka = :lozinka');
$records->bindParam(':ime', $ime);
it should be like:
if($errMsg == ''){
$records = $databaseConnection->prepare('SELECT id,ime,lozinka FROM korisnici WHERE lozinka = :lozinka');
$records->bindParam(':lozinka', $ime);
绑定lonzinka
答案 2 :(得分:1)
更改此行代码:
$records = $databaseConnection->prepare('SELECT id,ime,lozinka FROM korisnici WHERE lozinka = :lozinka');
$records->bindParam(':ime', $ime);
这里你在WHERE条件中参数名是:lozinka和bindParam()方法你有参数名称:ime,使两个地方的参数名相同
使用以下代码:
$records = $databaseConnection->prepare('SELECT id,ime,lozinka FROM korisnici WHERE lozinka = :lozinka');
$records->bindParam(':lozinka', $ime);
我希望这会对你有所帮助。