-1

所以我的 SELECT 语句是从 users 表的一行中选择所有的。该行中有一个标记为“user_level”的列,我想使用该列中的数据来区分管理员和来宾。有没有办法使用“user_level”(并且可能将其绑定到会话变量)而无需编写另一个 SELECT 语句?

if (isset($_POST['username'], $_POST['password'])) {
    $username = $_POST['username'];
    $password = md5($_POST['password']);

    if (empty($username) or empty($password)) {
        $error = 'All fields are required!';
    } else {
        $query = $pdo->prepare("SELECT * FROM users WHERE user_name = :name and
 user_password = :password");

        $query->bindValue(":name", $username, PDO::PARAM_STR);
        $query->bindValue(":password", $password, PDO::PARAM_STR);

        $query->execute();

        $num = $query->rowCount();

        if ($num == 1) {
            //user entered correct details
            $_SESSION['logged_in'] = true;

            header('Location: index.php');
            exit();
        } else {
            //user entered false details
            $error = 'Incorrect details!';
        }
    }
}
4

1 回答 1

0

你不需要在这里没有 rowCount。
以及一半的重复和三次重复的代码。

if (isset($_POST['username'], $_POST['password'])) {
    $username = $_POST['username'];
    $password = md5($_POST['password']);

    $sql = "SELECT user_level FROM users WHERE user_name = ? and user_password = ?";
    $stm = $pdo->prepare($sql);
    $srm->execute(array($username,$password));
    $level = $stm->fetchColumn();
    if ($level !== FALSE) {
        //user entered correct details
        $_SESSION['user_level'] = $level;
        header('Location: index.php');
        exit();
    }
}
$error = 'Incorrect details!';
于 2013-06-25T16:12:05.100 回答