我和我的伙伴已经连续工作了近24小时,试图解决这个问题,我觉得这很简单,我们不应该有问题。我们正在尝试使用sqlite数据库中的PHP对用户进行身份验证。我们已经看过无数的帖子和教程,关于如何使用mySQL数据库,但不是sqlite3。我们确实找到的 one 就在这里,它对我们不起作用(不,我们不仅仅是复制和粘贴)。那么,谁能告诉我们出了什么问题?我们不断收到服务器500错误,而且根本没有验证。首先,php将显示在页面上,但现在我们只是得到错误。 简而言之 - 我们试图从sqlite数据库中提取电子邮件地址和密码信息并使用php验证它,因此用户可以登录并查看成员主页。 PHP代码:
<?php
$dir = 'sqlite:db/Quizionality.db':
$db = new PDO($dir) or die ("Unable to open");
$email_address = $_POST['email_address'];
$password = $_POST['password'];
$email_address =($email_address);
$password =($password);
$email_address = intval($_POST["email_address"]);
$password = intval($_POST["password"]);
$sql = "SELECT * FROM user_info WHERE email_address='$email_address' AND password='$password'";
$sql .= "where email_address=? AND where password=?";
$stmt = $db->prepare($sql);
$stmt->bindParam(1, $email_address);
$stmt->bindParam(2, $password);
$result = $stmt->execute($sql);
while($column=$stmt->fetch())
{
echo $column["email_address"];
echo $column["password"];
};
};
if($email_address==1){
echo "<h1>Logged In</h1>";
};
?>
HTML
<!DOCTYPE html>
<html>
<head>
<title>Quizonality</title>
<link rel="stylesheet" href="css/QuizonalityLogInForMembers.css" type="text/css" />
</head>
<body>
<header>
<nav id="header_wrapper">
<h1 id="logo"><a href="#"> QUIZONALITY</a></h1>
<ul id="navigate">
<li><a href="#">Home</a></li>
<li><a href="#">Contact</a></li>
<li><a href="#">Login</a></li>
<li><a href="#">Create</a></li>
</ul>
</nav>
</header>
<body>
<div id="main">
<h2 id="main_head"> Already Existing Members </h2>
<form id="loginform" name="myForm" method="post" action="login_for_mems.php">
<div>Username (Email):</div>
<input id="username" type="text" name="username" >
<div>Password:</div>
<input id="password" type="text" name="password" type="password">
<br>
<input type="submit" value="Login" >
</br>
</div>
</form>
<footer>
<div id="footer_nav">
<div id="footer_nav_wrapper">
<ul>
<li><a href="#">Home</a></li>
<li><a href="#">Contact</a></li>
<li><a href="#">Login</a></li>
<li><a href="#">Create</a></li>
</ul>
</footer>
</body>
</html>
提前感谢您的任何建议。
** PHP UPDATE w /错误报告 - 这是我们目前的
<?php
error_reporting(-1);
ini_set('display_errors', 'On');
$email = isset($_POST['username'])? $_POST['username'] : '';
$password = isset($_POST['password'])? $_POST['password'] : '';
$db = new PDO('sqlite:db/Quizionality.db');
$stmt = $db->prepare('SELECT * FROM user_info WHERE email_address = ? and password = ?');
$stmt->execute(array($email, $password));
if($stmt->rowCount())
{
echo "<h3>Logged In</h3>";
}
else
{
echo "<h3>Login Failed</h3>";
}
?>
答案 0 :(得分:0)
请注意您的问题建议您将密码保存为数据库中的纯文本 - 您从不想要这样做(使用哈希代替)但以下代码旨在与您现有的数据库一起使用:
//get email and pass from POST - set to empty string if not set
$email = isset($_POST['username'])? $_POST['username'] : ''; //Your form html uses name="username" so thats the key we use here
$password = isset($_POST['password'])? $_POST['password'] : '';
//create PDO object with sqlite db
$db = new PDO('sqlite:db/Quizionality.db');
//prepare statement, with unnamed query parameters denoted by ? placeholder
$stmt = $db->prepare('SELECT * FROM user_info WHERE email_address = ? and password = ?');
//bind query parameters to placeholders and execute query
$stmt->execute(array($email, $password));
//rowCount does not work for SQLITE, however empty array is 'falsy', an array with content (in the case of a successfull login) is 'truthy', so:
if($stmt->fetchAll()){
//do something now user is authenticated, eg set a SESSION value, redirect etc
echo 'Logged In';
}
同样,我强烈建议您更改数据库以使用密码哈希,请参阅http://php.net/manual/en/function.password-hash.php
此外,您的代码中的许多问题都是明显的sytax错误 - 任何体面的PHP IDE都应该能够突出显示这些 - 所以我建议您使用一个。 Netbeans是一个很好的免费的,PHPStorm是一个(可以说是更好的)付费的