[英]Checking variables against MySQL data using PDO and PHP
I have the following variables that were inputted in the previous login form and submitted: 我有以下变量在上一个登录表单中输入并提交:
$login = $_POST['login'];
$password = $_POST['password'];
I connect to my MySQL Database using a PDO as follows: 我使用PDO连接到我的MySQL数据库,如下所示:
require_once('agent-config.php');
try {
$conn = new PDO(A_DB_HOST, A_DB_USER, A_DB_PASSWORD);
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (PDOException $e) {
echo 'Connection failed: ' . $e->getMessage();
}
Next, I use the variables $login and $password to select the matching username and password: 接下来,我使用变量$ login和$ password来选择匹配的用户名和密码:
//Create SELECT query
$qry = $conn->prepare("SELECT * FROM members WHERE login=? AND passwd=?");
$qry->bindParam(1, $login);
$qry->bindParam(2, $password);
Lastly, I check whether the query was successful or not using: 最后,我使用以下方法检查查询是否成功:
//Check whether the query was successful or not
if($qry->execute())
$count = $qry->rowCount();
echo $count;
print_r($qry);
if($count >0) {
//Login Successful
session_regenerate_id();
$member = $qry->fetch(POD::FETCH_ASSOC);
$_SESSION['SESS_AGENT_ID'] = $member['member_id'];
$_SESSION['SESS_login'] = $member['login'];
session_write_close();
header("location: agent-member-index.php");
exit();
}else {
//Login failed
header("location: login-failed.php");
exit();
}
However, the login and password are not being passed through correctly, and my result for $count is 0. I know one problem is that the password stored in the database is the .md5 encrypted version of the password, so I tried changing $password
to 但是,登录名和密码没有正确传递,$ count的结果是0.我知道一个问题是存储在数据库中的密码是密码的.md5加密版本,所以我尝试更改$password
至
$password = '.md5($_POST['password']).';
but I received errors T-STRING errors. 但我收到错误的T-STRING错误。 Any help would be greatly appreciated! 任何帮助将不胜感激!
$password = '.md5($_POST['password']).';
Is not valid, as it's 2 strings with a string literal in the middle. 无效,因为它是2个字符串,中间有一个字符串文字。 I think you meant: 我想你的意思是:
$password = md5($_POST['password']);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.