我在我的框架中使用slim,每当我在Postman上测试时,php无法读取参数,但当我将其转换为md5时,php现在可以读取请求了。可能是我的问题。服务器发送给我null。这是我的代码
DBOperations.php
//Method for user login
function userLogin($userName, $userPassword)
{
$password = md5($userPassword);
$stmt = $this->con->prepare("SELECT userID FROM users WHERE userName = ? AND userPassword = ?");
$stmt->bind_param("ss", $userName, $password);
$stmt->execute();
$stmt->store_result();
return $stmt->num_rows > 0;
}
的index.php
//user login route
$app->post('/login', function (Request $request, Response $response) {
if (isTheseParametersAvailable(array('userName', 'userPassword'))) {
$requestData = $request->getParsedBody();
$userName = $requestData['userName'];
$userPassword = $requestData['userPassword'];
$password = md5($userPassword);
$db = new DbOperation();
$responseData = array();
if ($db->userLogin($userName, $userPassword)) {
$responseData['error'] = false;
$responseData['username'] = $db->getByUserName($userName);
} else {
$responseData['error'] = true;
$responseData['message'] = $password;
}
$response->getBody()->write(json_encode($responseData));
}
});
密码为md5时
{"error":true,"message":"d41d8cd98f00b204e9800998ecf8427e"}
密码不是
时{"error":true,"message":null}
答案 0 :(得分:0)
你应该做这样的事情
function userLogin($userName, $userPassword)
{
$stmt = $this->con->prepare("SELECT userID, password FROM users WHERE userName = ?");
$stmt->bind_param("s", $userName);
$stmt->execute();
$stmt->store_result();
$stmt->bind_result( $userID , $password);
$result = $stmt->fetch();
if( password_verify($userPassword, $password)){
return true;
}
return false;
}
我不使用Mysqli,所以我希望我能把这一部分弄好。
重要的是,您不应将密码用作WHERE子句的一部分。这有几个原因
等
你应该使用
并且