1

我从即将被弃用的 MySQL 开始大肆更改,我目前从我的用户登录系统开始,在更改查询等后我无法登录。这是我到目前为止所得到的。

由于根本没有给出任何错误,因此它不会将我重定向到我的 index.php。

login.php -> 登录后重定向到 index.php

我当前的登录代码可能有什么问题?

  • 包括/db.php

    try { 
    $db = new PDO("mysql:host=127.0.0.1; dbname=timeline_database", 'root', ''); 
}
catch( PDOException $e ) 
{ 
    echo $e->getMessage();
}

  • 包括/Wall_Updates.php

    class Wall_Updates {
        private $db;

public  function __construct ( $db ){
    $this->db = $db;
}

public function User_Login($_iUsername,$_iPassword) {
    $md5_password = md5($_iPassword);

    $sth = $this->db->prepare("SELECT _iD FROM users WHERE _iUsername = ? AND _iPassword = ? AND _iStatus = 1");
    $sth->execute(array($_iUsername, $md5_password));

    if ($sth->rowCount() == 1) {
        $row = $sth->fetch(PDO::FETCH_ASSOC);
        return $row['_iD'];
    } else {
        return false;
    }
}

public function User_Registration($_iPassword,$_iEmail,$_iNickname,$_iUsername) {
    $md5_password   = md5($_iPassword);

    $sth = $this->db->prepare("SELECT _iD FROM users WHERE _iEmail = ? ");
    $sth->execute(array($_iEmail));

    if ($sth->rowCount() == 0) {
        $sth1 = $db->prepare("INSERT INTO users (_iPassword,_iEmail,_iNickname,_iUsername) VALUES ( :_iPassword, :_iEmail, :_iNickname, :_iUsername ");
            $sth1->execute(array(':_iPassword' => $_iPassword,
                                 ':_iEmail'    => $_iEmail,
                                 ':_iNickname' => $_iNickname,
                                 ':_iUsername' => $_iUsername
                                ));

        $sth3 = $db->prepare("SELECT _iD FROM users where _iUsername = ?");
            $sth3->execute(array($_iUsername));

        $sth2 = $db->prepare("INSERT INTO friends (friend_one,friend_two,role) VALUES ( :rowiD, :_rowiD, :me ");
            $sth2->execute(array(':rowiD' => $row['_iD'],
                                 ':rowiD' => $row['_iD'],
                                 ':me' => me 
                                ));

            $row = $sth1->fetch(PDO::FETCH_ASSOC);
        return $row['_iD'] ;
    } else {
            return false;
    }
}

    }

  • 登录.php

    include_once 'includes/db.php';
include_once 'includes/Wall_Updates.php';
error_reporting( E_ALL );

session_start();
if(!empty($_SESSION['_iD'])) {
    header("location:index.php");
}

$Wall = new Wall_Updates( $db );

$login_error = '';
if(!empty($_POST['_iUsername']) && !empty($_POST['_iPassword'])){
    if ( strlen($_POST['_iUsername'])>0 && strlen($_POST['_iPassword'])>0) {
    $login = $Wall->User_Login( $_POST['_iUsername'],$_POST['_iPassword'] );
        if( $login ){
            $_SESSION['_iD'] = $login;
            header("location: index.php");
        } else {
            $login_error="<div class='error' style='margin-top: -2px; margin-bottom: -8px;' ><span class='error'>Email or Password is invalid</span></div><br>";
        }
    }
}


html begins <?php echo $login_error; ?></div>
<form method="post" action="" name="login">
    <input class="_iUsernameClass" type="text" placeholder="_iUsername" name="Username" id="login._iEmail">
    <input class="_iPasswordClass" type="password" placeholder="_iPassword"  name="Password" id="login._iPassword">
    <button class="primary" type="submit"></button>
</form> html ends
4

1 回答 1

1

我看到的第一件事是您需要使用bindValue()。尝试为您的查询构建遵循此结构:

$sth = $this->db->prepare("
  SELECT _iD
  FROM users
  WHERE _iUsername = :username
  AND _iPassword = :password");
$sth->bindValue(":username", $_iUsername, PDO::PARAM_STR);
$sth->bindValue(":password", $md5_password, PDO::PARAM_STR);
$sth->execute();
$result = $sth->fetch(PDO::FETCH_ASSOC); // returns id or false

只是要记住的一个旁注:

fetch(PDO::FETCH_ASSOC)

仅返回一条记录,并且:

fetchAll(PDO::FETCH_ASSOC)

返回所有(多条)记录。

顺便说一句,由于时间限制,我没有查看您的所有代码。这只是我遇到的第一个问题。

于 2013-05-23T01:41:20.173 回答