0

当我尝试登录我的网站时收到此错误消息:数据库错误:SQLSTATE [HY093]:无效参数编号:未定义参数我不确定这甚至意味着什么,即使在谷歌搜索之后也是如此。这是我的代码:

<?php
//declaring variables and assigning values from log in form

//validate text was entered in UserName text box
if(empty($_POST['txtUserName']))
    {
        showForm(null);
        exit();
    }
else
    {
        $User_Name = $_POST['txtUserName'];
    }

//validate text was entered in password text box
if(empty($_POST['txtPassword']))
    {
        showForm(null);
        exit();
    }
else
    {
        $Password = $_POST['txtPassword'];
    }

if ($PasswordForm != Password($User_Name))
{
    showForm('Customer ID and Password did not match. Please try again!');
    exit();
}


function Password($User_Name)
{   
//$UserName = $_GET['txtUserName'];
//$Password = $_GET['txtPassword'];

//declare and assign values to variables
$dsn = 'mysql:host=XXX;dbname=XXX';
$username='XXX';
$password='XXX';
//variable for errors
$options = array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION);
//try to run code
try {
//object to open database
$db = new PDO($dsn,$username,$password, $options);
//check username against password
    $SQL = $db->prepare("Select Password from user where USER_NAME = :USER_NAME");
    $SQL->bindValue(':User_Name', $User_Name);
    $SQL->execute();
    $username = $SQL->fetch();

    if($username === false)
        {
            $Password = null;
        }
    else
        {
            $Password = $username['Password'];
        }

    return $Password;
    $SQL->closeCursor();
    $db = null;

    } catch(PDOException $e){
        $error_message = $e->getMessage();
        echo("<p>Database Error: $error_message</p>");
        exit();
    }

}
function showForm($formMessage = "Please Enter Valid User ID and Password")
{ ?>
4

2 回答 2

0 
<?php
//declaring variables and assigning values from log in form

//validate text was entered in UserName text box
if(empty($_POST['txtUserName']))
    {
        showForm(null);
        exit();
    }
else
    {
        $User_Name = $_POST['txtUserName'];
    }

//validate text was entered in password text box
if(empty($_POST['txtPassword']))
    {
        showForm(null);
        exit();
    }
else
    {
        $Password = $_POST['txtPassword'];
    }

if ($Password != Password($User_Name))
{
    include "teamc/index.php";
} 
else
{
    showForm('Customer ID and Password did not match. Please try again!');
    exit();
}


function Password($User_Name)
{   
//$UserName = $_GET['txtUserName'];
//$Password = $_GET['txtPassword'];

//declare and assign values to variables
$dsn = 'mysql:host=XXX;dbname=XXX';
$username='XXX';
$password='XXX';
//variable for errors
$options = array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION);
//try to run code
try {
//object to open database
$db = new PDO($dsn,$username,$password, $options);
//check username against password
    $SQL = $db->prepare("Select USER_PASSWORD FROM user WHERE USER_NAME = :USER_NAME");
    $SQL->bindValue(':USER_NAME', $User_Name);
    $SQL->execute();
    $username = $SQL->fetch();

    if($username === false)
        {
            $Password = null;
        }
    else
        {
            $Password = $username['USER_PASSWORD'];
        }

    return $Password;
    $SQL->closeCursor();
    $db = null;

    } catch(PDOException $e){
        $error_message = $e->getMessage();
        echo("<p>Database Error: $error_message</p>");
        exit();
    }

}
function showForm($formMessage = "Please Enter Valid User ID and Password")
{ ?>
于 2013-03-04T23:14:00.087 回答
0

PHP 区分大小写,这意味着 :User_Name 与 :USER_NAME 不同。

因此改变

:USER_NAME to :User_Name
于 2013-03-04T19:55:40.860 回答