0

登录表单工作正常,但是当我输入错误的用户名时出现错误

警告:尝试访问 bool 类型值的数组偏移量

我有一个包含以下代码的登录表单:

<?php
include('class.password.php');

class User extends Password{

    private $db;

    function __construct($db){
        parent::__construct();

        $this->_db = $db;
    }

    public function is_logged_in(){
        if(isset($_SESSION['loggedin']) && $_SESSION['loggedin'] == true){
            return true;
        }
    }

    private function get_user_hash($username){

        try {

            $stmt = $this->_db->prepare('SELECT MemberID, username, password FROM admins WHERE username = :username');
            $stmt->execute(array('username' => $username));

            return $stmt->fetch();

        } catch(PDOException $e) {
            echo '<p class="error">'.$e->getMessage().'</p>';
        }
    }


    public function login($username,$password){

        $user = $this->get_user_hash($username);

        if($this->password_verify($password,$user['password']) == 1){

            $_SESSION['loggedin'] = true;
            $_SESSION['memberID'] = $user['memberID'];
            $_SESSION['username'] = $user['username'];
            return true;
        }
    }


    public function logout(){
        session_destroy();
    }

}


?>

这是给出错误的行:

if($this->password_verify($password,$user['password']) == 1){
4

1 回答 1

2

您的问题是,当没有提供用户名的此类用户时,该get_user_hash方法将返回。false您应该考虑将代码更改为:

if(!empty($user) && $this->password_verify($password,$user['password']) == 1){
于 2020-12-21T16:27:11.743 回答