-3

我有三个错误

警告:mysqli_stmt::fetch() 需要 0 个参数,1 在 /Volumes/shared/Digital/_Websites/_TEST/qpm/classes/mysql.php 第 20 行给出

注意:尝试在第 23 行的 /Volumes/shared/Digital/_Websites/_TEST/qpm/classes/mysql.php 中获取非对象的属性

注意:尝试在第 23 行的 /Volumes/shared/Digital/_Websites/_TEST/qpm/classes/mysql.php 中获取非对象的属性

这是我的代码

<?php 
require_once 'includes/constants.php';
class mysql{
    private $conn;

    function __construct(){
        $this->conn = $conn = new MySQLi(DB_SERVER, DB_USER, DB_PASSWORD, DB_NAME)
            or die ('There was an error in the connection');
        }

    function verify ($un, $pwd){


            $username = $un;
            $password = $pwd;
            if ($sth = $this->conn->prepare("SELECT pass FROM User WHERE username = '".$un."' LIMIT 1")) {
            $sth->execute();

            $user = $sth->fetch(PDO::FETCH_OBJ);

            // Hashing the password with its hash as the salt returns the same hash
            if (crypt($password, $user->hash) == $user->hash) {
              return true;
            } else { 

                return false; }

            }//end of if;

        }//end of verify

    }//enfd of class

只是试图通过,如果相同则返回 true,否则返回 false

谢谢

4

1 回答 1

0

像许多许多其他 php 用户一样,您混淆了 2 个完全不同的 API - mysqli 和 PDO。

请选择一个,即PDO,并使您的代码与之一致。

这是去掉了所有无用内容的代码,
但添加了适当的东西,即准备好的语句

function verify ($un, $pwd)
{
    $sql = "SELECT pass FROM User WHERE username = ?"
    $sth = $this->conn->prepare($sql);
    $sth->execute(array($un));
    $pass = $sth->fetchColumn();
    return (crypt($pwd, $pass) == $pass);
}

但请注意,这个函数verify不应该是mysql类的方法

于 2013-09-02T09:52:53.903 回答