我有一个用户类,可以将用户保存到我的MySQL dbase中。这很好用,但我正在尝试记录新用户和对现有用户所做的更改。 此日志记录功能未执行,我检查过的查询不会返回任何错误。
用户类:
class User
{
private $db;
function __construct($db_con)
{
$this->db = $db_con;
}
public function log_change_user($id, $action)
{
$usr_name = get_name($this->db, $id, 'full');
$cur_user = $_SESSION['user_id'];
if($action == 'new')
{
$log_act = 0;
}
else if($action == 'edit')
{
$log_act = 1;
}
else if($action == 'delete')
{
$log_act = 2;
}
try {
$stmt = $this->db->prepare("INSERT INTO mainlog (user, action, type, subject_id, subj_name, cdate) VALUES (:user_id, :action, 0, :id, :subj_name, now())");
$stmt->bindParam(":user_id", $cur_user);
$stmt->bindParam(":action", $log_act);
$stmt->bindParam(":id", $id);
$stmt->bindParam(":subj_name", $usr_name);
$stmt->execute();
return $stmt;
}
catch(PDOException $e)
{
echo $e->getMessage();
}
}
public function register($user_id, $fname, $lname, $prefix, $email, $pass, $role, $phone, $dob)
{
try
{
if($pass !== null)
{
$new_password = password_hash($pass, PASSWORD_DEFAULT);
$stmt = $this->db->prepare("INSERT INTO users(id, firstname, lastname, prefix, email, password, role, phone, dob, cdate) VALUES(:id, :fname, :lname, :prefix, :email, :pass, :role, :phone, :dob, now()) ON DUPLICATE KEY UPDATE firstname=:fname, lastname=:lname, prefix=:prefix, email=:email, password=:pass, role=:role, phone=:phone, dob=:dob, edate=now()");
$stmt->bindparam(":pass", $new_password);
}
else
{
$stmt = $this->db->prepare("INSERT INTO users(id, firstname, lastname, prefix, email, role, phone, dob, cdate) VALUES(:id, :fname, :lname, :prefix, :email, :role, :phone, :dob, now()) ON DUPLICATE KEY UPDATE firstname=:fname, lastname=:lname, prefix=:prefix, email=:email, role=:role, phone=:phone, dob=:dob, edate=now()");
}
$stmt->bindParam(":id", $user_id);
$stmt->bindparam(":fname", $fname);
$stmt->bindparam(":lname", $lname);
$stmt->bindparam(":prefix", $prefix);
$stmt->bindparam(":email", $email);
$stmt->bindparam(":role", $role);
$stmt->bindparam(":phone", $phone);
$stmt->bindparam(":dob", $dob);
$stmt->execute();
}
catch(PDOException $e)
{
echo $e->getMessage();
}
}
public function login($email, $pass)
{
try
{
$stmt = $this->db->prepare("SELECT id, password, role FROM users WHERE email=:email LIMIT 1");
$stmt->execute(array(':email' => $email));
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if($stmt->rowCount() > 0)
{
if(password_verify($pass, $row['password']))
{
$_SESSION['user_id'] = $row['id'];
$_SESSION['user_role'] = $row['role'];
return true;
}
else
{
return false;
}
}
}
catch(PDOException $e)
{
echo $e->getMessage();
}
}
public function is_loggedin()
{
if(isset($_SESSION['user_id']))
{
return true;
}
else
{
return false;
}
}
public function redirect($view)
{
$_GET['view'] = $view;
}
public function logout()
{
session_destroy();
unset($_SESSION['user_id']);
unset($_SESSION['user_role']);
return true;
}
}
我的Ajax调用使用的users.php:
require_once('../../../../config/config.php');
if(isset($_POST['add_user']))
{
if($_POST['add_user'] == true)
{
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$prefix = $_POST['prefix'];
$email = $_POST['email'];
if(isset($_POST['pass']))
{
$pass = $_POST['pass'];
}
else
{
$pass = '';
}
$role = $_POST['role'];
$phone = $_POST['phone'];
$dob = date('Y-m-d', strtotime($_POST['dob']));
$add_user = new User($db_con);
if($add_user->register(null, $fname, $lname, $prefix, $email, $pass, $role, $phone, $dob))
{
return true;
}
else
{
return false;
}
}
else if($_POST['add_user'] == false)
{
$user_id = $_POST['uid'];
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$prefix = $_POST['prefix'];
$email = $_POST['email'];
$role = $_POST['role'];
$phone = $_POST['phone'];
$dob = date('Y-m-d', strtotime($_POST['dob']));
$edit_user = new User($db_con);
if($edit_user->register($user_id, $fname, $lname, $prefix, $email, $pass, $role, $phone, $dob))
{
$edit_user->log_change_user($user_id, 'edit');
return true;
}
else
{
return false;
}
}
}
if(isset($_POST['delete_user']))
{
$id = $_POST['delete_user'];
$stmt = $db_con->prepare("DELETE FROM users WHERE id=:id");
//add_log_entry($db_con, $_SESSION['user_id'], 2, 0, $id);
if($stmt->execute(array(':id' => $id)))
{
echo true;
}
else
{
echo false;
}
}
if(isset($_POST['get_user_data']))
{
$id = $_POST['get_user_data'];
$stmt = $db_con->prepare("SELECT * FROM users WHERE id=:id");
$stmt->execute(array(':id' => $id));
$record = $stmt->fetch(PDO::FETCH_OBJ);
echo json_encode($record);
}
if(isset($_POST['user_full_name']))
{
$id = $_POST['user_full_name'];
echo get_name($db_con, $id, 'full');
}
答案 0 :(得分:1)
此代码中存在两个问题:
register函数在成功时将返回true,但事实并非如此。 你需要解决这个问题。
public function register($user_id, $fname, $lname, $prefix, $email, $pass, $role, $phone, $dob)
{
try
{
if($pass !== null)
{
$new_password = password_hash($pass, PASSWORD_DEFAULT);
$stmt = $this->db->prepare("INSERT INTO users(id, firstname, lastname, prefix, email, password, role, phone, dob, cdate) VALUES(:id, :fname, :lname, :prefix, :email, :pass, :role, :phone, :dob, now()) ON DUPLICATE KEY UPDATE firstname=:fname, lastname=:lname, prefix=:prefix, email=:email, password=:pass, role=:role, phone=:phone, dob=:dob, edate=now()");
$stmt->bindparam(":pass", $new_password);
}
else
{
$stmt = $this->db->prepare("INSERT INTO users(id, firstname, lastname, prefix, email, role, phone, dob, cdate) VALUES(:id, :fname, :lname, :prefix, :email, :role, :phone, :dob, now()) ON DUPLICATE KEY UPDATE firstname=:fname, lastname=:lname, prefix=:prefix, email=:email, role=:role, phone=:phone, dob=:dob, edate=now()");
}
$stmt->bindParam(":id", $user_id);
$stmt->bindparam(":fname", $fname);
$stmt->bindparam(":lname", $lname);
$stmt->bindparam(":prefix", $prefix);
$stmt->bindparam(":email", $email);
$stmt->bindparam(":role", $role);
$stmt->bindparam(":phone", $phone);
$stmt->bindparam(":dob", $dob);
return $stmt->execute();
}
catch(PDOException $e)
{
echo $e->getMessage();
return false; //Probably better to rethrow the exception to let the global error handler handle it but this works too.
}
}
$_POST值作为布尔值,但他们总是会以字符串形式进入。大多数IDE都会警告直接使用$ _POST并建议使用filter_input代替。 示例:
if(filter_input(INPUT_POST,'add_user',FILTER_VALIDATE_BOOLEAN) == true) { }
答案 1 :(得分:0)
检查你的User :: register方法。你希望你的if检查有一个布尔返回类型。你在该方法中没有任何回报(无效)。如果检查void将始终返回false(void == null)
返回true或false