[英]Login only first user error
Iam使用php 5.5和pdo创建登录代码。 该代码运行正常,但唯一的第一个用户已登录,我不知道为什么? 例如,我的数据库表中有5个用户。 当我登录第一个时,它将进入已登录状态,但是当我尝试登录第二个或第三个时,它将显示一条错误消息,该错误消息是我在错误的数据登录上设置的。 以下是我的登录代码...
<?php
session_start();
include 'conn.php';
try
{
$user = $_POST['user'];
$pass = $_POST['pass'];
$remember=$_POST['remember'];
$smt=$conn->prepare("SELECT * FROM signup");
$smt->execute();
$result=$smt->fetch(PDO::FETCH_OBJ);
$prev=$result->Password;
$usr=$result->Username;
if(password_verify($pass,$prev)& $user===$usr)
{
// Set username session variable
$_SESSION['user'] = $user;
// Jump to secured page
header('location:index.php');
}
else
{
header('location:signin.php');
$_SESSION['login']="Incorrect username or password";
}
if($remember)
{
setcookie('remember-me',$user,time()+3600000);
setcookie('remember-pass',$pass,time()+3600000);
header('location:index.php');
}
else
{
setcookie('remember-me',$user,false);
setcookie('remember-pass',$pass,false);
}
}
catch(PDOException $e)
{
throw new PDOException($e);
}
?>
提前致谢...
您缺少WHERE CLAUSE
:
SELECT * FROM signup WHERE Username = :user
将您的代码调整为以下内容:
$smt=$conn->prepare("SELECT * FROM signup WHERE Username =:user");
$smt->execute(array(':user'=>$user));
请使用以下代码更新您的代码
<?php
session_start();
include 'conn.php';
try
{
$user = $_POST['user'];
$pass = $_POST['pass'];
$remember=$_POST['remember'];
$smt=$conn->prepare("SELECT * FROM signup WHERE username = '".$user."' AND password = '".$pass."' ");
$smt->execute();
$result=$smt->fetch(PDO::FETCH_OBJ);
$prev=$result->Password;
$usr=$result->Username;
if(password_verify($pass,$prev)& $user===$usr)
{
// Set username session variable
$_SESSION['user'] = $user;
// Jump to secured page
header('location:index.php');
}
else
{
header('location:signin.php');
$_SESSION['login']="Incorrect username or password";
}
if($remember)
{
setcookie('remember-me',$user,time()+3600000);
setcookie('remember-pass',$pass,time()+3600000);
header('location:index.php');
}
else
{
setcookie('remember-me',$user,false);
setcookie('remember-pass',$pass,false);
}
}
catch(PDOException $e)
{
throw new PDOException($e);
}
?>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.