我正在使用 OOP PHP 创建一个登录系统。
问题是在执行if...else
语句时我检查电子邮件是否正确以及相应电子邮件的密码是否正确。如果是,我显示错误密码不正确。
但是,if...else
语句未按预期工作。它不返回任何结果,即NULL
。
的login.php
<?php
include('conn.php');
class Login extends Connection {
private $dbEmail;
private $dbPassword;
private $query;
public $emError;
public $paError;
public function loginFormHandler($email, $password) {
$this->query = $this->DB_CONN->prepare("SELECT `email`, `password` FROM `users` WHERE `email` = :email AND `password` = :password");
$this->query->bindParam(':email', $email);
$this->query->bindParam(':password', $password);
$this->query->execute();
while($row = $this->query->fetch(PDO::FETCH_ASSOC)) {
$this->dbEmail = $row['email'];
$this->dbPassword = $row['password'];
}
if ($this->dbEmail === $email && $this->dbPassword !== $password) {
$this->paError = 'Password Error';
}
}
public function errors() {
return array($this->emError, $this->paError);
}
}
这里是index.php
<?php
include('class/login.php');
$err = [];
if(isset($_POST['email']) && isset($_POST['password'])) {
$email = $_POST['email'];
$password = $_POST['password'];
if(!empty($email) && !empty($password)) {
$user = new Login;
$user->loginFormHandler($email, $password);
var_dump($err = $user->errors());
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Login Form</title>
</head>
<body>
<div class="form">
<form action="/oop/index.php" method="POST" accept-charset="UTF-8">
<label for="email">Email: </label><br>
<input type="email" name="email" required><br>
<?php if($err) {echo $err[0];} ?><br>
<label for="password">Password: </label><br>
<input type="password" name="password" required><br>
<?php if($err) {echo $err[1];} ?><br>
<input type="submit" value="Login">
</form>
</div>
</body>
</html>
如您所见,我在数组中发送错误并显示相应的错误。
帮我解决这个问题。
答案 0 :(得分:0)
如果您在代码中使用数据库中的电子邮件和密码,则显然密码永远不会出错(如果错误则不会从db = NULL中获取任何内容)。你的代码是这样的:
class Login extends Connection {
private $email;
private $password;
private $query;
public $emError;
public $paError;
private function selectLogin(){
$this->query = $this->DB_CONN->prepare("SELECT `email`, `password` FROM `users` WHERE `email` = :email AND `password` = :password LIMIT 1");
$this->query->bindParam(':email', $this -> email);
$this->query->bindParam(':password', $this -> password);
$this->query->execute();
return $this->query->fetch(PDO::FETCH_ASSOC);
}
public function loginFormHandler($email, $password){
$this -> email = $email;
$this -> password = $password;
$result = $this -> selectLogin();
if(is_null($result)){
$this->emError = $this -> email;
$this->paError = 'Email or Password error';
} else {
// do something
}
}
public function errors() {
return array($this->emError, $this->paError);
}
}
答案 1 :(得分:0)
只需检查行是否存在,如果存在则启动session.otherwise重定向并返回错误
您可以fetchColumn()
检查行是否存在
你的登录功能应该是这样的
public function loginFormHandler($email, $password) {
$this->query = $this->DB_CONN->prepare("SELECT `email`, `password` FROM `users` WHERE `email` = :email AND `password` = :password");
$this->query->bindParam(':email', $email);
$this->query->bindParam(':password', $password);
$res=$this->query->execute();
$num_rows = $res->fetchColumn();
if ($num_rows>0) {
$row = $this->query->fetch(PDO::FETCH_ASSOC);
echo "success";
//Do something
}
else{
echo 'email or password is not valid';
//or do something
}
}
答案 2 :(得分:-1)
您只能从匹配电子邮件和密码的数据库中检索行:
(WHERE `email` = :email AND `password` = :password)
这就是密码错误的用户永远不会到达if
正文的原因。
问题与OOP或您使用class here
的事实无关。
但是,if ... else语句没有按预期工作。它不返回任何结果,即NULL。
只知道if..else
永远不会返回结果。 if
评估分支中的条件,将其强制转换为布尔值,如果为true
,则执行以下代码块。
我不知道你的意思,但if
没有任何结果就完全没问题了。