我对PDO完全陌生,所以如果我在这里犯了一个简单的错误,我很抱歉。此外如果这已经回答过。我搜索,但无法找到。我的问题是,当我打印会话时,它会打印出'Array([user_id] => 1)',但是我输入的用户名和密码是user_id 2的。我已经用不同的用户名和密码进行了尝试,它仍然给出id值为1.所以我在会话创建之前回应了$ user_id,它是1.但是我无法弄清楚它从哪里得到这个1?因为数据库中没有1的id。任何人都可以对此有所了解吗?PDO返回错误的值
这里是我的登录文件中的代码:
<?php
require 'core.inc.php';
if(isset($_POST['username']) && isset($_POST['password'])) {
$username = $_POST['username'];
$password = $_POST['password'];
if (!empty($username) && !empty($password)) {
$stmt = $db->prepare("SELECT password FROM users WHERE username = ?");
$stmt->bindParam(1, $username);
$hash = $stmt->execute();
$password_verified = password_verify($password, $hash);
if ($password_verified = true) {
$stmt_id = $db->prepare("SELECT id FROM users WHERE username = ?");
$stmt_id->bindParam(1, $username);
$user_id = $stmt_id->execute();
echo $user_id;
$id_num_rows = $stmt_id->rowCount();
if ($id_num_rows == 0) {
echo 'You have entered a wrong password';
}else if($id_num_rows == 1){
$_SESSION['user_id'] = $user_id;
print_r($_SESSION);
}
} else {
echo("Please enter a username and password.");
}
}
}
?>
<!DOCTYPE html>
<header>
</header>
<body>
<form action ="<?php echo $current_file;?>" method="post">
<div class='field'>
<label for="username">Username: </label><input type='text'
name='username'/><br>
</div>
<div class='field'>
<label for ="password">Password: </label><input type='password'
name='password'/>
</div>
<div class='field'>
<label for='remember'>
<input type='checkbox' name="remember" id="remember"/> Remember me
</label>
</div>
<input type='submit' value='Log in'/>
</form>
</body>
</html>
<And here is the code from core.inc.php
<?php
session_start();
require 'connect.inc.php';
ob_start();
$current_file = $_SERVER['SCRIPT_NAME'];
@$http_referer = $_SERVER['HTTP_REFERER'];
function loggedin(){
if(isset($_SESSION['user_id']) && !empty($_SESSION['user_id'])) {
return true;
}else{
return false;
}
}
?>
<Core.inc.php uses connect.inc.php which is added below:
<?php
try {
$db = new PDO('mysql:host=localhost;dbname=goal;charset=utf8','root','');
var_dump($db);
echo 'connected';
}
catch(Exception $e){
echo 'Error 1 has occured';
}
?>
我没有让你接受密码,但没有使用该变量 – WisdmLabs
你没有获取PDO结果集('execute()'不这样做)。一旦你解决了这个问题(参见愚蠢)你的代码应该运行 – Machavity
@Machavity非常感谢。真的帮了很多。 – Niall