简单的PHP代码:
#login.php
$_SESSION['valid_user_id'] = getUserId($username, $password);
#user_auth_fns.php
function getUserId($username, $password)
{
$username = addslashes($username);
$username = mysql_real_escape_string($username);
$password = addslashes($password);
$password = mysql_real_escape_string($password);
$conn = db_connect();
$result = $conn->query("select id from user where username='$username' and password= sha1('$password')");
if (!$result) {
throw new Exception('Could not retrieve your user id.');
}
if ($result->num_rows > 0) {
return $result;
} else {
throw new Exception('Could not retrieve your user id.');
}
}
“return $ result”是错误的,但是我不知道我应该放在那里以便从某个用户返回id。 PHP手册也没有提供答案。我知道这个功能有效,因为替换
通过返回“test”返回$ result
按预期返回正确的值。
答案 0 :(得分:4)
if ($result->num_rows > 0) {
$row = mysql_fetch_row($result);
return $row['id'];
} else {
throw new Exception('Could not retrieve your user id.');
}
我会像这样重写整个函数:
function getUserId($username, $password)
{
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$conn = db_connect();
$result = $conn->query("SELECT id FROM user
WHERE username = '$username'
AND password = sha2(CONCAT(user.salt,'$password'),512)");
if (!$result) {
throw new Exception('Could not retrieve your user id.');
}
if ($result->num_rows > 0) {
$row = mysql_fetch_row($result);
return $row['id'];
} else {
throw new Exception('Could not retrieve your user id.');
}
}
防止XSS
在回显数据库中的任何值之前清理它:
echo htmlentities($row['username']);
确保你加盐,或者你不安全
请注意,您需要在用户表中添加一个名为SALT的新字段。
ALTER TABLE user ADD COLUMN salt INTEGER NULL default NULL;
由于密码是经过哈希处理的,您需要时间来翻译它们,使用以下代码插入新条目:
INSERT INTO user (username, salt, password)
SELECT '$username', @salt, SHA2(CONCAT(@salt,'$password'),512)
FROM DUAL CROSS JOIN (SELECT @salt:= FLOOR(RAND()*99999999)) q;
此代码用于测试有效密码:
SELECT id, COALESCE(salt,-1) as salt FROM user
WHERE username = '$username'
AND CASE WHEN salt IS NULL
THEN password = SHA1('$password)
ELSE password = SHA2(CONCAT(salt,'$password'),512) END;
当salt结果为-1时,更新用户表。
UPDATE user
CROSS JOIN (SELECT @salt:= FLOOR(RAND()*99999999)) q
SET salt = @salt, password = SHA2(CONCAT(@salt,'$username'),512);
答案 1 :(得分:2)
$ result仅包含结果行的对象。要访问数据,您需要从结果中获取行。
使用mysqli库:
$result = $conn->query("select id from user where username='$username' and password= sha1('$password')");
$row = $result->fetch_object(); // or $row = $result->fetch_array();
return $row->id;
使用mysql库使用array:
$result = $conn->query("select id from user where username='$username' and password= sha1('$password')");
$row = $result->fetch_assoc();
return $row['id'];
答案 2 :(得分:0)
来自php.net:
// Use result
// Attempting to print $result won't allow access to information in the resource
// One of the mysql result functions must be used
// See also mysql_result(), mysql_fetch_array(), mysql_fetch_row(), etc.
while ($row = mysql_fetch_assoc($result)) {
echo $row['firstname'];
echo $row['lastname'];
echo $row['address'];
echo $row['age'];
}
答案 3 :(得分:0)
试试这个:
if ($result->num_rows > 0) {
$tmp = $result->fetch_assoc();
$return = $tmp['id'];
return $return;
} else { ...
答案 4 :(得分:0)
我不知道您使用的是什么数据库包装器,因为您没有向我们展示db_connect(),但我敢打赌这会起作用:
$result = $conn->query(...);
$result = $result->fetch();
return $result['id'];
$conn返回的值可能是表示结果资源的对象,而不是实际行。您需要从资源中获取行,因为可能存在多个行。
答案 5 :(得分:0)
在我看来,主要的问题是你的函数正在返回结果对象,而你实际上只需要返回id字段。为此,您必须从结果对象中获取行作为对象/数组/关联数组,并从中返回id字段。只是为了说明我的想法,就本机MySQL函数而言,它看起来像这样:
$res = mysql_query("SELECT id FROM usersTable WHERE username = '".mysql_real_escape_string($userName) . "' AND password = '" .mysql_real_escape_string($password) ."' LIMIT 1") or die("Cannot select id: ".mysql_error());
if(mysql_num_rows($res) > 0) {
$row = mysql_fetch_assoc($res); // fetch the retrived row as associative array, my personal favorite though others may prefer mysql_fetch_row or mysql_fetch_object instead
return $row['id']; // return the retrived id
}
else {
// your exception throwing code goes here
}
作为旁注,请参阅addlashes后跟mysql_real_escape_string没有任何意义,因为它们基本上是为了做同样的事情,而mysql_real_escape_string是在数据库查询中转义用户输入的首选方法。所以,我认为你应该留下mysql_real_escape_string行并摆脱addslashes的东西。