PHP oop无法从数据库获取数据

Question

So I have this piece of code that I just followed some guide to create, 所以我有一段代码，我只是按照一些指南来创建的，

<?php

session_start();

if (isset($_POST['submit'])) {

include 'db.conf.php';

$uid = mysqli_real_escape_string($conn, $_POST['uid']);
$pwd = mysqli_real_escape_string($conn, $_POST['pwd']);
$_SESSION['uid'] = $uid;

//Error handleri
//Check jesu inputi empty

if (empty($uid) || empty($pwd))
{
    header("Location: ../index.php?login=empty");
    exit();
}
else
{
    $sql = "SELECT * FROM users WHERE user_uid = '$uid' OR user_email = '$uid'";
    $result = mysqli_query($conn, $sql);
    $resultCheck = mysqli_num_rows($result);

    if ($resultCheck < 1)
    {
        header("Location: ../index.php?login=usernamenepostoji");
        exit();
    }
    else
    {
        if ($row = mysqli_fetch_assoc($result)) {
            //Dehashiranje
            $hashedPwdCheck = password_verify($pwd, $row['user_pwd']);
            if ($hashedPwdCheck == false) {
                header("Location: ../index.php?login=invalidpass");
                exit();
            }
            elseif ($hashedPwdCheck == true)
            {
                //Logiranje
                $_SESSION['u_id'] = $row['user_id'];
                $_SESSION['u_first'] = $row['user_first'];
                $_SESSION['u_last'] = $row['user_last'];
                $_SESSION['u_email'] = $row['user_email'];
                $_SESSION['u_uid'] = $row['user_uid'];
                header("Location: ../index.php?login=success");
                exit();
            }

        }
    }
}

}

else
{
    header("Location: ../index.php?login=error");
    exit();
}

?>

It's just simple error handling and logging in that works. 只是简单的错误处理和登录即可。 I understand it and wanted to recreate it with a bit more oop. 我理解它，并希望再加上一点。

<?php 
session_start();

include 'db.conf.php';

class Login
{

public $username;
public $password;


function __construct()
{
    $this->username = $_POST['uid'];
    $this->password = $_POST['pwd'];
    $this->checkinputs();
}


function checkinputs()
{       
        if (empty($this->username) || empty($this->password)) 
        {
            header("Location: ../index.php?login=empty");
            exit();
        }
        else
        {   
            $username = $this->username;
            $sql = "SELECT * FROM users WHERE user_uid =".$username;
            $result = mysqli_query($conn, $sql);
            $resultCheck = mysqli_num_rows($result);

            if ($resultCheck < 1) 
            {
                header("Location: ../index.php?login=usernamenepostoji");
                exit();
            }
            else 
            {
            if ($row = mysqli_fetch_assoc($result)) {
                //Dehashiranje
                $hashedPwdCheck = password_verify($pwd, $row['user_pwd']);
                if ($hashedPwdCheck == false) {
                    header("Location: ../index.php?login=invalidpass");
                    exit();
                }
                elseif ($hashedPwdCheck == true) 
                {
                    //Logiranje
                    $_SESSION['u_id'] = $row['user_id'];
                    $_SESSION['u_first'] = $row['user_first'];
                    $_SESSION['u_last'] = $row['user_last'];
                    $_SESSION['u_email'] = $row['user_email'];
                    $_SESSION['u_uid'] = $row['user_uid'];
                    header("Location: ../index.php?login=success");
                    exit();
                }
            }
        }
    }
}
}


?>

This is what I got, it's literally the same code just using functions and other things to 'seperate' it into chunks. 这就是我得到的，只是使用函数和其他东西将其“分离”成块而已，实际上是相同的代码。 It doesn't work. 没用 I keep getting stuck on the if $resultCheck < 1 header which means that the username doesn't exist. 我一直卡在if $ resultCheck <1标头上，这意味着用户名不存在。 Though I'm sure it does since nothing changed in the db. 虽然我确定是可以的，因为数据库中没有任何变化。 So it lead me to thinking its the $conn, it just doesn't connect to the database. 因此，它使我想到了它的$ conn，它只是没有连接到数据库。 I've dumped the $username variable in a file to check if it works, it does. 我已经将$ username变量转储到文件中，以检查它是否有效。 I just have no idea how to proceed. 我只是不知道如何进行。

Answer 1

$conn doesn't exist in method checkinputs() . $conn在方法checkinputs()中不存在。

Either make it global: 使其成为全球性：

function checkinputs()
{ 
    global $conn;
    ...
}

which I would not recommend (because using globals is disencouraged ). 我不建议这样做（因为不建议使用globals ）。

or pass it into Login::_construct() and set it to $this->conn (then use it as $this->conn : $result = mysqli_query($this->conn, $sql); ): 或将其传递到Login::_construct()并将其设置为$this->conn （然后将其用作$this->conn ： $result = mysqli_query($this->conn, $sql); ）：

function __construct($conn)
{
    $this->conn = $conn; // maybe also check if you have a valid connection!
    $this->username = $_POST['uid'];
    $this->password = $_POST['pwd'];
    $this->checkinputs();
}

function checkinputs()
{       
// no global now!
        ....    
        $result = mysqli_query($this->conn, $sql);
        ....
}

BUT : please switch to prepared stements . 但是：请切换到准备好的角色。 This code is vulnerable to sql injection! 此代码容易受到sql注入的攻击！

related: Reference: What is variable scope, which variables are accessible from where and what are "undefined variable" errors? 相关：参考：什么是变量范围，哪些变量可从何处访问，什么是“未定义的变量”错误？

PHP oop无法从数据库获取数据

问题描述

1 个解决方案

解决方案1
1 已采纳 2018-09-09 19:04:24

PHP oop无法从数据库获取数据

问题描述

1 个解决方案

解决方案1 1 已采纳 2018-09-09 19:04:24

解决方案1
1 已采纳 2018-09-09 19:04:24