嵌套if语句php需要SQL

时间:2019-02-12 01:22:13

标签: php mysql

if (isset($_POST['username']) and isset($_POST['password'])){
$username = cleanData($_POST['username']);
$password = cleanData($_POST['password']);
$verify = password_verify($password, $hash);
if(password_verify($password, $hash)) {
$query = "SELECT * FROM `user` WHERE (username='$username') AND (password='$password')";
echo $hash;
$result = mysqli_query($connection, $query) or die(mysqli_error($connection));
$count = mysqli_num_rows($result);
if ($count == 1){
$_SESSION["loggedIn"] = true;
$_SESSION['username'] = $username;
}else{
$fmsg = "Invalid Login Credentials.";
}
if (isset($_SESSION['loggedIn']) && ($_SESSION["loggedIn"] == true)){
$username = $_SESSION['username'];
echo "Hi " . $username . "
";
echo "This is the Members Area
";
    }else{        ?>
*html*
} else {
echo 'Invalid password.';
}
}

我把代码弄得一团糟,努力理解我做错了什么,并且无法跟踪我在哪里使语法错误导致“文件的最后一行意外结束”。 我正在尝试创建一个会话,如果用户输入的密码与数据库中的哈希值匹配,则将用户发送到“您好 username ”页面。仅当password_verify对照输入的用户名存储的哈希值验证输入的密码时,才如何创建会话?

以上代码的经过语法纠正和格式化的代码:

if (isset($_POST['username']) and isset($_POST['password']))
{
  $username = cleanData($_POST['username']);
  $password = cleanData($_POST['password']);
  $verify   = password_verify($password, $hash);
  if (password_verify($password, $hash))
  {
    $query = "SELECT * FROM `user` WHERE (username='$username') AND (password='$password')";
    echo $hash;
    $result = mysqli_query($connection, $query) or die(mysqli_error($connection));
    $count = mysqli_num_rows($result);
    if ($count == 1)
    {
      $_SESSION["loggedIn"] = true;
      $_SESSION['username'] = $username;
    }
    else
    {
      $fmsg = "Invalid Login Credentials.";
    }
    if (isset($_SESSION['loggedIn']) && ($_SESSION["loggedIn"] == true))
    {
      $username = $_SESSION['username'];
      echo "Hi " . $username;
      echo "This is the Members Area";
    }
    else
    {
?>
      <div> html code </div>
<?php

    }
  }
  else
  {
    echo 'Invalid password.';
  }
}

0 个答案:

没有答案