我在使用此页面时遇到了一些问题,这是代码:
<?php
//login.php
session_start();
require_once("function.php");
if(isset($_POST['username'], $_POST['password'])) //verify we've got what we need to work with
{
/*********database_credentials.php**************/
$mysqli = new MySQLi('localhost', 'root', '','hotel_vaniet');
if($mysqli->errno)
//connection wasn't made
//handle the error here
header("location: index.html"); //we'll just redirect for now
/************************************************/
//We don't have to work about SQL injections here
$stmt = $mysqli->prepare("SELECT COUNT(username) AS total FROM users WHERE username = ? AND password = ?");
//if the passwords in your table are hashed then you should apply the hashing and/or salts before passing it
//they should in fact be hashed preferably with a hashing algorithm of the SHA family
$stmt->bind_param('ss', $_POST['username'], $_POST['password']);
$stmt->execute();
$stmt->bind_result($total); //place the result (total) into this variable
$stmt->fetch(); //fill the result variable(s) binded
//close all connections
$stmt->close();
$mysqli->close();
//if total is equal to 1 then that means we have a match
if((int)$total == 1)
{
session_regenerate_id(true); //delete old session variables
/*********Explained below************/
$_SESSION['user'] = $_POST['username'];
$key = generate_key();
$hash = hash_hmac('sha512', $_POST['password'], $key);
$_SESSION['key'] = $key;
$_SESSION['auth'] = hash_hmac('sha512', $key,
hash_hmac('sha512', $_SESSION['user'] .
(isset($_SERVER['HTTP_X_FORWARDED_FOR']) ?
$_SERVER['HTTP_X_FORWARDED_FOR'] :
$_SERVER['REMOTE_ADDR']), $hash));
/************************************/
if(!setcookie('hash', $hash, 0, '/')) //login isn't possible if user's browser doesn't accept cookies
{
session_regenerate_id(true);
header("location: index.html"); //original_page would be your login page
exit();
}
header("location: dashboard.php");
}
else
{
//anything else we don't care about
header("location: index.html");
}
}
?>
我得到了这4个错误,我无法解决这个问题:
Warning: mysqli::mysqli(): in C:\xamp\htdocs\backend\validacredenciais.php on line 9
Warning: main(): Couldn't fetch mysqli in C:\xamp\htdocs\backend\validacredenciais.php on line 10
Warning: mysqli::prepare(): Couldn't fetch mysqli in C:\xamp\htdocs\backend\validacredenciais.php on line 17
Fatal error: Call to a member function bind_param() on a non-object in C:\xamp\htdocs\backend\validacredenciais.php on line 20
此页面是验证我的登录信息的页面。几天前这个问题没有出现的主要问题就是....