堆棧內存溢出
  簡體   English   中英

PHP MYSQL查詢未將數組傳遞到我的變量中

[英]PHP MYSQL query is not passing the array into my variable

 原文  2015-02-28 04:32:45       php/ mysql/ database/ function/ connect

問題描述

這是我的查詢,在執行var_dump時將$ results設為NULL: 

function connect($loginName) {
$password = (isset($_SESSION['password']));
$loginName = (isset($_SESSION['loginName']));

global $db;
$query = "SELECT email, level, password FROM members WHERE email   = '$loginName'";
$result = $db->query($query);
$results = $result->fetch(PDO::FETCH_ASSOC);
return $results;
}

嘗試更改后,它以歡迎形式給了我這兩個錯誤:

我網站的WElcome部分中的錯誤

功能頁面: 

<?php 
require('database_connection.php');
//include('index.php')
//session_start();
if ((isset($_POST['loginName'])) && (isset($_POST['password']))){
  $_SESSION['loginName'] = $_POST['loginName'];
  $_SESSION['password'] = password_hash($_POST['password'], PASSWORD_BCRYPT);

$password = isset($_SESSION['password']) ? $_SESSION['password'] : "";
$loginName = isset($_SESSION['loginName']) ? $_SESSION['loginName'] : "";


// Connecting to the database
 }

function connect($loginName) {

 global $db;
$query = "SELECT email, level, password FROM members WHERE email = '$loginName'";
$result = $db->query($query);
$results = $result->fetch(PDO::FETCH_ASSOC);
return $results;
}


//Login

function login($loginName, $password) {
$results = connect($loginName);
if ((isset($_SESSION['loginName'])) === $results['email'] && (isset    ($_SESSION['password'])) === $results['password']) 
 {

if ( 'a' === $results['level'] )  {
$level = "Administrator";
 } 
elseif ( 'm' === $results['level'] ) {
 $level = "Member";
}
else $level = '?';

if ($level === "Administrator"){
        header('Location: /tires/admin/home.php');
        exit();
    }elseif ($level === "Member"){
        header('Location: /tires/member/home.php');
        exit();
    }                           
include('logoutform.php');}



else {

echo "Sorry. You are not in our database";

}};



//Trying to verify the password

 if ((isset($_POST['loginName'])) && (isset($_POST['password']))){
  $_SESSION['loginName'] = $_POST['loginName'];
  $_SESSION['password'] = password_hash($_POST['password'], PASSWORD_BCRYPT);
}
$password = (isset($_SESSION['password']));
 $loginName = (isset($_SESSION['loginName']));
 $hash = '';

global $db;
$h = $db->prepare("SELECT password FROM members WHERE email = '$loginName'");
$h->execute();
$hashing = $h->fetchAll();
foreach ($hashing as $hash) {
    return $hash['password'];
    if($hashing) // will return true if succefull else it will return false 
        { 
            echo 'Query is working';// code here for true
        };
 };

if (password_verify($password, $hash)) {
    echo 'Password is valid!';
} else {
    echo 'Invalid password.';
 };




//Logout
function logout() {
$_SESSION = array();
 session_destroy();
 };


 function get_name($results) {
$name = preg_split("/@/", $results['email']);
$name = ucfirst($name[0]);
 return $name;
                        };



function allowed_get_params($allowed_params=[]) {
 $allowed_array = [];
    foreach($allowed_params as $param) {
        if(isset($_GET[$param])) {
            $allowed_array[$param] = $_GET[$param];
        } else {
            $allowed_array[$param] = NULL;
    }
    }
    return $allowed_array;
 };

 $get_params = allowed_get_params(['loginName', 'password']);


?>

AND,這是登錄(實際上是注銷)形式: 

 <form method="post" id="logoutform.php">

 <fieldset>
  <legend>Logout</legend>  

                      <?php
 //include('includes/functions.php');
                       //if ( $_SESSION['loginName'] === $result['email']      && $_SESSION['password'] === $result['password']) {
               echo "Welcome, ";
               echo "$level, ";
               echo get_name($results); 
              // print_r($_POST);
               print '<br />';
               //}
              // else{
            //var_dump($result);
          ///}
                      ?>  <br />   <br />  <br />     
                        <input type="submit" name="action" value="logout" />

 </fieldset></form>

登錄表格是這樣的: 

<form action="home.php" method="post" id="loginform.inc.html">
<fieldset>

  <legend>Login</legend>    <label for="loginName" class="loginName">Username:</label>
      <input id="loginName" name="loginName" type="text" value="<?php echo     (isset($loginName['loginName'])); ?>"/>
    <label for="password" class="loginName">Password:</label>
      <input id="password" name="password" type="password" value="<?php echo (isset($password['password'])); ?>" />
    <input type="submit" name="submit" value="login" />
</fieldset>
 </form>

2 個解決方案

解決方案1
 2  2015-02-28 04:39:32

$results似乎為空,因為您的查詢未返回任何內容。 而且我懷疑您的查詢沒有返回任何內容,因為您正在搜索$loginNameTRUE (或者可能為FALSE ),因為此行: 

$loginName = (isset($_SESSION['loginName']));

isset()返回true或false。 我懷疑那不是您想要的。

還不清楚您的global $db是什么。 我希望這是偽代碼。 如果這是您的文字代碼,那么您將遇到一個明顯的錯誤,即甚至沒有嘗試連接到數據庫。

另外,您應該使用參數化的語句傳遞登錄名,以避免明顯的安全漏洞

解決方案2
 2 已采納  2015-02-28 04:44:42

更改 

$password = (isset($_SESSION['password']));
$loginName = (isset($_SESSION['loginName']));


$password = isset($_SESSION['password']) ? $_SESSION['password'] : "";
$loginName = isset($_SESSION['loginName']) ? $_SESSION['loginName'] : "";

暫無
暫無

聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.

相關問題 在MySQL查詢中傳遞php變量 將PHP變量傳遞給模式並在MySQL查詢中使用 將mysql查詢的每一行傳遞給php數組 PHP在數組中傳遞變量 將變量從AJAX傳遞給PHP以進行MySQL查詢時出錯 將php變量作為參數傳遞給mysql查詢時出現問題 將php變量傳遞給mysql查詢時無法獲得結果 通過將數組傳遞給MySQL PHP中的查詢來動態創建OR條件 無法從PHP / MySQL查詢將數組傳遞給SwiftMailer MySQL將變量傳遞給動態查詢
相關標簽
 
粵ICP備18138465號  © 2020-2024 STACKOOM.COM