如果网站正在维护中,我想在登录时输出一条错误消息,但是我当前的代码无法正常工作,并且似乎只是在运行维护代码而已。我想这样,如果我已经定义为$maintenance
的MySQL数据库中的维护列为空,则用户可以像往常一样登录,但是如果包含1
,则用户将看到错误消息,但是阵列中具有其IP的管理员仍可以登录。我已经在$maintenance
中已经包含的另一个文件中定义了class.user.php
。代码在下面。
Settings.php
$auth_user = new USER();
$site_name = $auth_user->runQuery("SELECT * FROM `settings` LIMIT 1");
$site_name->execute();
while ($show = $site_name -> fetch(PDO::FETCH_ASSOC)){
$maintenance = $show['maintenance'];
}
Class.user.php
require_once('settings.php');
....other functions here
....other functions here
.....other functions here
.....
public function doLogin($uname,$umail,$upass)
{
try
{
$stmt = $this->conn->prepare("SELECT user_id, user_name, user_email, user_pass, status FROM users WHERE user_name=:uname OR user_email=:umail ");
$stmt->execute(array(':uname'=>$uname, ':umail'=>$umail));
$userRow=$stmt->fetch(PDO::FETCH_ASSOC);
if($stmt->rowCount() == 1)
{
if(password_verify($upass, $userRow['user_pass']))
{
session_regenerate_id(false);
return ["correctPass"=>true, "banned"=> ($userRow['status']== 1) ? true : false, "maintenance"=> ($maintenance== 1) ? true : false];
}
else
{
return ["correctPass"=>false];
}
}
}
catch(PDOException $e)
{
echo $e->getMessage();
}
}
Login.php
$validation = $login->doLogin($uname,$umail,$upass);
if($validation["correctPass"]){
if($validation["maintenance"]){
if (!in_array(@$_SERVER['REMOTE_ADDR'], array('1.1.1.1'))){
$error = "Website under maintenance";
}
}
if($validation["banned"]){
$error = "User has been banned";
}else{
if(Token::check($_POST['token'])) {
$stmtt = $login->runQuery("SELECT user_id FROM users WHERE user_name=:uname OR user_email=:umail ");
$stmtt->execute(array(':uname'=>$uname, ':umail'=>$umail));
$userRow=$stmtt->fetch(PDO::FETCH_ASSOC);
$_SESSION['user_session'] = $userRow['user_id'];
$success = "Logged in successfully, redirecting..";
header( "refresh:3;url=dashboard" );
} else {
$error = "Unexpected error occured";
}
}
}
else{
$error = "Incorrect username/email or password";
}
答案 0 :(得分:0)
正如其他人在评论中指出的那样,$maintenance
在您的doLogin
函数的范围之外。如果您只想将其用作全局变量,可以像下面这样设置doLogin
函数:
public function doLogin($uname,$umail,$upass)
{
global $maintenance;
...
使用global
关键字可以访问当前函数范围之外的变量。更好的方法可能是将$maintenance
变量作为如下参数传递给函数:
public function doLogin($uname,$umail,$upass,$maintenance)
{
...
然后仅在Login.php
文件中使用,就像这样:
$validation = $login->doLogin($uname,$umail,$upass,$maintenance);
这些选项对您有用吗?