1. 首页
  2. 问答
  3. 在PDO中登录页面

在PDO中登录页面

2015-12-05 79 views
-1

我在尝试将我的网站转换为PDO,并且我的登录页面出现了一些问题。 这是我的代码,但无论输入什么用户名或密码,我都得到了同样的结果:“姓名或密码不正确!”。我检查了用户名和密码,它是正确的。 有什么问题?在PDO中登录页面

<?php 
    if($_POST['name']=="" || $_POST['password']=="")`enter code here` 
    { 
     print 'Fields cannot be empty !<br> 
       <a href="index.php">Inapoi</a>'; 
     exit; 
    } 

    include("connnect.php"); 
    $stmt = $db->prepare('SELECT * FROM admin WHERE admin_name = ? AND admin_password = ?'); 
    $stmt->bindParam(1, $_POST['name']); 
    $stmt->bindParam(2, md5($_POST['password'])); 
    $stmt->execute(); 

    if(($stmt->fetchColumn())!=1) 
    { 
     print 'Name or password is incorrect!<br> 
       <a href="index.php">Back</a>'; 
     exit; 
    } 

    session_start(); 
    $_SESSION['name_admin']=$_POST['name']; 
    $_SESSION['password']=md5($_POST['name']); 
    $_SESSION['key_admin']=session_id(); 
    header("location: admin.php"); 
?>

来源

2015-12-05 greeny

+1

'var_dump(($ stmt-> fetchColumn()); ' –

+0

fetchColumn将永远不会是1,它将返回列值或FALSE.Just删除'!= 1' – Mihai

+0

@Mihai如果列值为1 - 那么是什么? –

回答

2

fetchColumn

PDOStatement::fetchColumn — Returns a single column from the next row of a result set

而不是$stmt->fetchColumn()你必须使用$stmt->rowCount()

PDOStatement::rowCount — Returns the number of rows affected by the last SQL statement

if($stmt->rowCount()>0) 
    { 
     print 'Name or password is incorrect!<br> 
       <a href="index.php">Back</a>'; 
     exit; 
    }

http://php.net/manual/en/pdostatement.rowcount.php

更新

PDOStatement::rowCount() does not return the number of rows affected by a SELECT statement. Instead, use PDO::query() to issue a SELECT COUNT(*) statement with the same predicates as your intended SELECT statement, then use PDOStatement::fetchColumn() to retrieve the number of rows that will be returned

$stmt = $db->prepare("SELECT * FROM admin WHERE admin_name = ? AND admin_password = ?"); 
     $stmt->bindParam(1, $_POST['name']); 
     $stmt->bindParam(2, md5($_POST['password'])); 
     $stmt->execute(); 
     $result=$stmt->fetch(); 
     $row=count($result); 
      /* Check the number of rows that match the SELECT statement */ 
      if ($row== 0) { 
       print 'Name or password is incorrect!<br> 
        <a href="index.php">Back</a>'; 
      exit; 
      }

来源

2015-12-05 12:19:51 Saty

+1

对于SELECT这不会工作,你需要一个SELECT COUNT或存储所有值与fetchAll – Mihai

+0

@Mihai之前你是正确的,我会相应地更新我的答案。并感谢更新我的知识 – Saty

+0

现在我得到这个致命错误:调用未定义的方法PDOStatement ::查询().. – greeny

0

1)include("connnect.php");之前添加var_dump($_POST['name']); var_dump($_POST['password']); exit;

2)然后,如果你的名字和密码$stmt->execute();后加入添加var_dump($stmt); exit;

3)如果什么都没有输出,所以问题出在你的PDO配置

来源

2015-12-05 12:20:33

+0

我有我的密码和用户名.. – greeny

+0

ok,现在你可以删除'var_dump($ _ POST ['name']);的var_dump($ _ POST [ '密码']);退出;'做第二个(2分) –

+0

现在我得到了这个:object(PDOStatement)#3(1){[“queryString”] => string(61)“SELECT * FROM admin WHERE admin_name =?AND admin_password =? “ } – greeny

相关问题

 相关问题