我的代码完美无缺,直到验证为止,当我输入错误的用户名时,它不会显示Invaild Username or Password!
,但如果我输入正确的用户名但密码错误,则会显示该消息,我该如何修复?
if(isset($_POST['login'])){
$username = $_POST['username'];
$password = $_POST['password'];
try {
$sql = "SELECT * FROM users WHERE username=:username";
$stmt = $db->prepare($sql);
$stmt->execute(array(':username' => $username));
while($row = $stmt->fetch()){
$user_id = $row['user_id'];
$username = $row['username'];
$hash_password = $row['password'];
if(password_verify($password, $hash_password)){
$_SESSION['user_id'] = $user_id;
$_SESSION['username'] = $username;
} else {
die("Invaild Username or Password!");
}
}
}
catch(PDOException $e)
{
echo "An error occurred " . $e->getMessage();
}
}
答案 0 :(得分:-1)
if(isset($_POST['login'])){
$username = $_POST['username'];
$password = $_POST['password'];
try {
$sql = "SELECT * FROM users WHERE username=:username";
$stmt = $db->prepare($sql);
$res = $stmt->execute(array(':username' => $username));
if (!$res){
die("Invaild Username!");
}
while($row = $stmt->fetch()){
$user_id = $row['user_id'];
$username = $row['username'];
$hash_password = $row['password'];
if(password_verify($password, $hash_password)){
$_SESSION['user_id'] = $user_id;
$_SESSION['username'] = $username;
} else {
die("Invaild Username or Password!");
}
}
} catch(PDOException $e)
{
echo "An error occurred " . $e->getMessage();
}
}