我需要从数据库表中提取所有行并循环遍历每个行以找到与Msisdn和Password匹配的行?请帮帮我们......
$state = $this->conn->prepare($sql);
$state->execute();
$userRow = $state->fetchAll();
foreach($userRow as $dataObj) {
if($userData['msisdn'] === $dataObj['Msisdn']) {
if($userData['userpass'] === $dataObj['Password']) {
$_SESSION['user_id'] = $dataObj['id'];
if($_SESSION['user_id'] == true) {
echo "You're logged in...";
} else {
return false;
}
} else {
echo "<font color='red'>" . "{$error} <b>Incorrect PIN</b>. Please enter again, you have <b>2 attempts</b> remaining." . "</font><br><br>";
echo "<font color='slateGrey'>contact us on <a>086 000 3344</a> to register or request a </font><a target='_blank' href='support@example.co.za'>callback.</a>";
return false;
exit();
}
} else {
echo "<font color='red'>" . "{$error} User not found... Please contact your service provider..." . "</font><br><br>";
echo "<font color='slateGrey'>either call on <a>086 000 3344</a> or request</font> <a href='support@example.co.za'>callback.</a>";
return false;
exit();
}
return false;
}
答案 0 :(得分:6)
使用数据库的全部意义在于您无需执行此操作!这就是为什么RDBMS为SELECT语句提供WHERE子句的原因。如果您已正确索引表,则RDBMS只需查找几行即可找到匹配的条目(如果可用)。所以你不必编写所有这些代码。自己。
$password = hashing_fuciont($dataObj['Password']); /* you are hashing the password aren't you? */
$stmt = $state->prepare("SELECT * FROM users where username=? password=?")
$stmt->execute( array("username"=>$username, "password"=>$password));
$userRow = $state->fetchAll();