我有一个数据库,其中有4个表,2个用于私人用户,2个用于业务用户。出于某种原因,当我尝试使用业务用户的电子邮件登录时它不起作用但用户名工作,并且在私有表中它可以工作,这是我的代码如果我没有正确解释它告诉我并且我尽力解释它再次
$password = $_POST['password'];
$emailuser = $_POST['unameemail'];
$password = mysqli_real_escape_string($sql , $password);
$emailuser = mysqli_real_escape_string($sql , $emailuser);
$pwcheck = "
SELECT * FROM private AS p
INNER JOIN user_private_data
AS c ON p.id = c.id
WHERE username='$emailuser' OR email='$emailuser'"; // part that works fine
$resultcheck = mysqli_query($sql , $pwcheck); // part that works fine
$rowcheck = mysqli_fetch_array($resultcheck , MYSQLI_ASSOC); // part that works fine
$hash = $rowcheck['password']; // part that works fine
$hash_pwd = password_verify($password , $hash);
if ($hash_pwd != 0) {
$_SESSION['username'] = $rowcheck['username']; // part that works fine
$_SESSION['logged'] = true; // part that works fine
header("refresh:0;url=../blablabla.php"); // part that works fine
} else {
$privateuser = "
SELECT * FROM business AS d
INNER JOIN user_business_data
AS j ON d.id = j.id
WHERE username='$emailuser' OR email='$emailuser'"; // doesn't work
$resultprivate = mysqli_query($sql , $privateuser); // doesn't work
$rowprivate = mysqli_fetch_array($resultprivate , MYSQLI_ASSOC);
$hashprivate = $rowprivate['password'];
$hash_private = password_verify($password , $hashprivate);
if ($hash_private != 0) {
$_SESSION['username'] = $rowprivate['username'];
$_SESSION['logged'] = true;
$_SESSION['business'] = $rowprivate['bname'];
$_SESSION['type'] = 'business';
}
答案 0 :(得分:0)
试试这个:你需要在获取之前检查查询是否确实有结果 我假设你的连接中定义了变量$ sql
<?php
$password = $_POST['password'];
$emailuser = $_POST['unameemail'];
$password = mysqli_real_escape_string($sql, $password);
$emailuser = mysqli_real_escape_string($sql, $emailuser);
$pwcheck = "
SELECT * FROM private AS p
INNER JOIN user_private_data
AS c ON p.id = c.id
WHERE username='$emailuser' OR email='$emailuser'"; // part that works fine
$resultcheck = mysqli_query($sql, $pwcheck); // part that works fine
$rowcheck = mysqli_fetch_array($resultcheck, MYSQLI_ASSOC); // part that works fine
$hash = $rowcheck['password']; // part that works fine
$hash_pwd = password_verify($password, $hash);
if ($hash_pwd != 0) {
$_SESSION['username'] = $rowcheck['username']; // part that works fine
$_SESSION['logged'] = true; // part that works fine
header("refresh:0;url=../blablabla.php"); // part that works fine
} else {
$privateuser = "
SELECT * FROM business AS d
INNER JOIN user_business_data
AS j ON d.id = j.id
WHERE username='$emailuser' OR email='$emailuser'"; // doesn't work
$resultprivate = mysqli_query($sql, $privateuser); // doesn't work
if ($resultprivate->num_rows > 0) {
$rowprivate = mysqli_fetch_array($resultprivate, MYSQLI_ASSOC);
$hashprivate = $rowprivate['password'];
$hash_private = password_verify($password, $hashprivate);
if ($hash_private != 0) {
$_SESSION['username'] = $rowprivate['username'];
$_SESSION['logged'] = true;
$_SESSION['business'] = $rowprivate['bname'];
$_SESSION['type'] = 'business';
} else {
//no record
}
}
?>