查询返回false虽然是真的

时间:2019-07-17 17:08:10

标签: php

$id abc@a.b 时,它返回 true 。这符合预期!

  

但是,当$id 1234567 时,它将返回 false 。这是不是   符合预期!

我的数据库:

+----+---------+---------+-----------+
| Id |  Email  |  Mobile |  Password |
+----+---------+---------+-----------+
| 15 | abc@a.b | 1234567 |$2y$10$ix..|
+----+---------+---------+-----------+

我的代码:

public function customer_login($id,$password)
    {
        try
        {
            $stmt = $this->conn->prepare("SELECT * FROM customer WHERE Email=:_email");
            $stmt->execute(array(":_email"=>$id));
            $userRow=$stmt->fetch(PDO::FETCH_ASSOC);
            $id = $userRow['Id'];

            $stmtM = $this->conn->prepare("SELECT * FROM customer WHERE Mobile=:_mobile");
            $stmtM->execute(array(":_mobile"=>$id));
            $userRowM=$stmtM->fetch(PDO::FETCH_ASSOC);
            $id = $userRowM['Id'];

                    if (password_verify($password, $userRow['Password']) || password_verify($password, $userRowM['Password'])) 
                    {

                        $_SESSION['customer'] = $id;
                        return true;

                        }
                    else
                    {
                        return false;
                    }
        }
        catch(PDOException $ex)
        {
            echo $ex->getMessage();
        }
    }

$id abc@a.b 时,它返回 true 。这符合预期!

  

但是,当$id 1234567 时,它将返回 false 。这是不是   符合预期!

2 个答案:

答案 0 :(得分:0)

在下面的行中,您正在更改$ id的值。 $ id变量获取表的“ Id”字段的值,该值被馈送到基于移动号码的第二个查询中。这就是原因,您基于手机号码的查询不返回任何结果,并返回false。

$id = $userRow['Id'];

将以上内容分配给其他变量,并保持$ id为初始值。

答案 1 :(得分:0)

    // Change this: 
      $stmt = $this->conn->prepare("SELECT * FROM customer WHERE Email=:_email");
        $stmt->execute(array(":_email"=>$id));
        $userRow=$stmt->fetch(PDO::FETCH_ASSOC);
        $id = $userRow['Id'];

        $stmtM = $this->conn->prepare("SELECT * FROM customer WHERE 
       Mobile=:_mobile");
        $stmtM->execute(array(":_mobile"=>$id));
        $userRowM=$stmtM->fetch(PDO::FETCH_ASSOC);
        $id = $userRowM['Id'];


        //to this : 
        $stmt = $this->conn->prepare("SELECT * FROM customer WHERE Email=:_email or 
        Mobile=:_mobile limit 0,1 ");
        $stmt->execute(array(":_email"=>$id , ":_mobile"=>$id ));
        $userRow=$stmt->fetch(PDO::FETCH_ASSOC);
        $id = $userRow['Id'];