选择仅从输入值中查询php数据

时间:2018-07-04 11:10:57

标签: php android mysql login

我有一个显示sql数据库和登录页面的android应用。提取过程由php完成。

我想从登录名中获取值(我称其为“用户名”)将是用于从数据库中过滤查询的值。目前,我的php从用户名列而不是从用户名输入中执行值。

我的登录php:

<?php
$response = array();
include 'db/db_connect.php';
include 'functions.php';

//Get the input request parameters
$inputJSON = file_get_contents('php://input');
$input = json_decode($inputJSON, TRUE); //convert JSON into array

//Check for Mandatory parameters
if(isset($input['username']) && isset($input['password'])){
$username = $input['username'];
$password = $input['password'];
$query    = "SELECT full_name,password_hash, salt FROM member WHERE username = ?";

if($stmt = $con->prepare($query)){
    $stmt->bind_param("s",$username);
    $stmt->execute();
    $stmt->bind_result($fullName,$passwordHashDB,$salt);
    if($stmt->fetch()){
        //Validate the password
        if(password_verify(concatPasswordWithSalt($password,$salt),$passwordHashDB)){
            $response["status"] = 0;
            $response["message"] = "Login successful";
            $response["full_name"] = $fullName;
        }
        else{
            $response["status"] = 1;
            $response["message"] = "Invalid username and password combination";
        }
    }
    else{
        $response["status"] = 1;
        $response["message"] = "Invalid username and password combination";
    }

    $stmt->close();
}
}
else{
    $response["status"] = 2;
    $response["message"] = "Missing mandatory parameters";
}
//Display the JSON response
echo json_encode($response);
?>

从上面的代码中,我使用“用户名”作为输入,并从表“成员”中获取值

然后,这是我的数据获取php:

<?php
include 'db/db_connect.php';
//Query to select movie id and movie name
$query = "SELECT movies.movie_id, movies.movie_name FROM movies, member WHERE 
movies.movie_name=member.username";
$result = array();
$movieArray = array();
$response = array();
//Prepare the query
if($stmt = $con->prepare($query)){
$stmt->execute();
//Bind the fetched data to $movieId and $movieName
$stmt->bind_result($movieId,$movieName);
//Fetch 1 row at a time                 
while($stmt->fetch()){
    //Populate the movie array
    $movieArray["movie_id"] = $movieId;
    $movieArray["movie_name"] = $movieName;
    $result[]=$movieArray;

}
$stmt->close();
$response["success"] = 1;
$response["data"] = $result;


}else{
//Some error while fetching data
$response["success"] = 0;
$response["message"] = mysqli_error($con);


}
//Display JSON response
echo json_encode($response);

?>

使用此代码,我的Android应用程序显示表“电影”列“电影名称”中的数据,并将该值与“成员”表中的“用户名”进行比较。该查询将获取与movie_name相同的username的所有值。

但这不是我的目标。我的目标是仅显示登录php中登录输入的用户名值。

我做错了什么?

0 个答案:

没有答案
相关问题
最新问题