堆棧內存溢出
  簡體   English   中英

PHP 登錄驗證不適用於准備好的語句

[英]PHP login verification won't work with prepared statements

 原文  2015-10-24 21:22:34       php/ mysql/ mysqli

問題描述

當此代碼運行時,它會返回一條錯誤消息,指出登錄失敗。 具體的錯誤信息在else語句中password_verify函數沒有運行時,用var_dump函數返回如下錯誤信息。 似乎問題出在准備好的語句上,因為輸入的登錄變量似乎沒有從數據庫中收集信息。

登錄失敗:(0)array(0) { }

error_reporting(E_ALL);

$mysqli = new mysqli('localhost', 'root', 'root', 'myTable');

if ($mysqli->connect_errno > 0) {
    die('Unable to connect to database [' . $mysqli->connect_error . ']');
}
ob_start();
session_start();

if (isset($_POST['LogIn'])) {
    $username = $_POST['userName'];
    $password = $_POST['password'];

    if (!($stmt = $mysqli->prepare("SELECT Username, Password FROM user WHERE Username = ?"))) {
        echo "Prepare failed: (" . $mysqli->errno . ")" . $mysqli->error;
    }

    if (!$stmt->bind_param('s', $username)) {
        echo "Bind failed: (" . $stmt->errno . ")" . $stmt->error;
    }

    if (!$stmt->execute()) {
        echo "Execute failed: (" . $stmt->errno . ")" . $stmt->error;
    }

    $userdata = $stmt->get_result();
    $row = $userdata->fetch_array(MYSQLI_ASSOC);

    $stmt->bind_result($username, $password);
    $stmt->store_result();

    if (password_verify($password, $row['Password'])) {
        session_start();
        $_SESSION['UserID'] = $row['UserID'];
        var_dump($_SESSION);
        //  header('Location: Account.php');
        exit();
    } else {
        echo "Login Failed: (" . $stmt->errno . ")" . $stmt->error;
        echo "Password's do not match";
        var_dump($_SESSION);
    }
    $stmt->close();
}

$mysqli->close();

1 個解決方案

解決方案1
 0 已采納  2015-10-24 21:49:07

這可能就是您要尋找的。

if(isset($_POST['LogIn'])) {

    $UN = $_POST['userName'];
    $PW = $_POST['password'];
    //write sql to check for email or username
    $userOrEmailQuery = ("SELECT * from user where Username=? or Email=? LIMIT 1");
    $stmt = $con->prepare($userOrEmailQuery);
    $stmt->bind_param('ss', $UN, $UN);
    $stmt->execute();
    $result = $stmt->get_result();
    $row = $result->fetch_assoc();  
    if(password_verify($PW, $row['Password'])) {

    session_start();

     $_SESSION["UserID"] = $row['UserID'];

     header( 'Location: Account.php' );

       } else {
           session_start();
           $_SESSION['LogInFail'] = "Yes";
       }

   }

希望這可以幫助。

暫無
暫無

聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.

相關問題 PHP和MySQL - 准備好的語句不會返回特定的列 准備好的語句不起作用 php pdo准備好的語句:bindParam不起作用 PHP / PDO:准備語句在創建表時不起作用? 涵蓋PHP登錄腳本以使用准備好的語句 登錄將無法正常運行PHP Mysqli登錄准備好的聲明 我的MySQL准備語句無法正常工作 PHP MYSQLI准備語句登錄並檢查用戶狀態 在預備語句中轉換PHP預備語句
相關標簽
 
粵ICP備18138465號  © 2020-2024 STACKOOM.COM