我正在尝试登录部分,但它没有使用数据库验证用户名和密码。谁能告诉我这段代码有什么问题?
服务/用户.cfc
<cffunction name="login" access="public" output="false" returntype="any">
<cfargument name="username" required="true">
<cfargument name="password" required="true">
<cfquery name="getUser">
SELECT users.Id,
users.username,
users.password
FROM Users
Where UserName = <cfqueryparam value="#arguments.username#" cfsqltype="CF_SQL_VARCHAR">
AND Password = <cfqueryparam value="#arguments.password#" cfsqltype="CF_SQL_VARCHAR">
</cfquery>
<cfif getUser.recordcount gt 0>
<cfreturn getUser>
</cfif>
</cffunction>
控制器/login.cfc
<cffunction name="login" access="public" returntype="void">
<cfargument name="rc" type="struct" required="true">
<cfset user = getUserService().login(arguments.rc.Username,arguments.rc.password)>
<cfif arguments.rc.username EQ UserName and arguments.rc.password EQ password>
<cfset session.auth = structNew()>
<cfset session.auth.isLoggedin = "yes"/>
<!--- <cfset session.auth.id = users.id /> --->
<cfset session.auth.username = UserName />
<cfset session.auth.password = password />
<cfelse>
<cfset rc.message = createMessage('error','','entered password is wrong')>
<cfset variables.fw.redirect('login.default','message')>
</cfif>
</cffunction>
谢谢。