0

这段代码的某处肯定存在逻辑缺陷,但我找不到。问题是无论输入如何,它都是echo成功的(模拟重定向到主页)。我不知道为什么。这是代码:

$signIn = new UserService($dbuser, $dbpass, $dbhost, $dbname); //Create new class instance 
$signIn->sec_session_start(); //Begin session
$_SESSION['token'] = $token; //Store token valualbe in super global variable

//***************************************************************************************//

//***************************************************************************************//
//Begin Login Functions

if(isset($_POST['username'], $_POST['password'],$_POST['siteToken'])) {

    //Assign POST submissions to passable php variables
    $username = $_POST['username'];
    $password = $_POST['password'];
    $passedToken = $_POST['siteToken'];

    //Check Token Values (prevent CSRF attacks)
    /*
    if($passedToken != $_SESSION['token']) {
        $error = "CSRF attack detected. Please close your browser and try again."; 
        $signIn->csrfAttackLog($username);
        echo $error;
        exit();     
    }
    */

    //Test if both fields are not null
    if($username == "" || $password = "")
    {
        $error = "Not all fields were entered<br />";
        echo $error;
        exit();
    }

    //Start login process
    else
    {
        $success = $signIn->login($username, $password);
        if ($success == true)
        { //Login Successful
            echo "Success!"; //Direct to main page.
            exit();
        }
        //Specific login failure determination
        else 
        {
            switch ($success){
                case 1:
                    $error = "Your account has been locked.";
                    echo $error;
                    break;
                case 2: 
                    $error = "Invalid Username/Password (2)";
                    echo $error;
                    break;
                case 3:
                    $error = "Invalid Username/Password";
                    echo $error;
                    break;  
                case 4: 
                    $error = "Invalid Username/Password (3)";
                    echo $error;
                    break;
            }
        }

    }

这是 login类方法:

    public function login($username, $password)
        {
            //****************//
            $this->username = $username;
            $this->password = $password; 
            $user_Id = "";
            $user = "";
            $hashPassword = "";
            $dbPassword = "";
            $salt = "";
            $userBrowser = "";
            //**************// Local declerations

            $this->connect(); //connect to database

            if ($stmt = $this->dbh->prepare("SELECT UserId, Username, Pass, Salt FROM user WHERE Username = :param1 LIMIT 1")) //Prepared procedure
            {
                $stmt->bindParam(':param1', $this->username); //Bind $this->username to parameter
                $stmt->execute(); //Execute the prepared query

                if ($stmt->rowCount() == 1) //If the user exists
                {
                    $this->user = $stmt->fetch(PDO::FETCH_ASSOC); //Grab the variables from the selected database row

                    $user_Id = $this->user['UserId']; //Transfer variables from array to local variables
                    $user = $this->user['Username'];
                    $dbPassword = $this->user['Pass'];
                    $salt = $this->user['Salt'];

                    if($user_Id = "")
                        echo "Why"; 
                    //Check if account has been locked
                    if($this->checkBrute($user_Id, $this->dbh) == true) 
                    {
                        //Account is locked
                        return 1; //Used in userControl as a switch condition: Indicates a locked account
                        //Possibly send an email here
                    } else {
                                $hashPassword = hash('sha512', $this->password.$salt); //Hash the password with the unique salt

                                if($dbPassword == $hashPassword) 
                                { //Check if the password in the database matches the password the user submitted
                                //Password is correct!

                                $userBrowser = $_SERVER['HTTP_USER_AGENT']; // Get the user-agent string of the user
                                $_SESSION['p_id'] = $user_Id; //Store user id to global session variable
                                $_SESSION['userName'] = $user; //Store username to global session variable
                                $_SESSION['loginString'] = hash('sha512', $hashPassword.$userBrowser); //Hash the concentanation of the hashedpassword (password + salt) and userBrowser
                                //Login succesful!!!!!!
                                return true;
                                } else {
                                        //Password is not correct
                                        //Record this attempt in the database
                                        $now = time();
                                        $userIp = $_SERVER['REMOTE_ADDR'];
                                        $insert = $this->dbh->query("INSERT INTO loginattempts (UserId, UserIp, EventTime) VALUES ('$user_Id', 'userIP', '$now')");
                                        if($insert == false){
                                            return 2; //Used in userControl as a switch condition: Indicated a failure to log failed login attempt
                                        } else {
                                            return 3; //Used in userControl as a switch condition: Indicates an inccorect password
                                        }
                                    }
                            }

                }
                else 
                {
                    //No user exists
                    return 4;
                }
            }
        }

我知道 SQL 查询有效:我已经在这段代码之外测试了它们。我不明白为什么它一直返回真实。PHP 没有抛出任何异常或错误(是的,我已经读过很多次“不要编写自己的登录函数。使用已经工作的登录函数。”这不是一个公共站点。我只是为了见鬼)。任何帮助表示赞赏。

4

1 回答 1

1

您的登录代码有各种返回代码 -true如果一切正常,或数字表示各种错误状态。然后,您将使用以下命令检查返回值:

if ($success == true)

PHP 不是强类型的,因此它会将返回值转换为布尔值以进行比较;并且任何非 0 整数都将评估为真。要进行类型检查和值检查,您需要使用严格比较运算符:

if ($success === true)

$success如果既是真又是布尔值,这将评估真。

于 2013-06-25T19:41:43.350 回答