PHP OOP登录系统:IF-ELSE错误
我正在用OOP PHP创建一个登录系统 问题在于执行PHP OOP登录系统:IF-ELSE错误,php,html,Php,Html,我正在用OOP PHP创建一个登录系统 问题在于执行if…else语句时,我会检查电子邮件是否正确,以及相应电子邮件的密码是否错误。如果是,则显示错误密码不正确。 但是,if…else语句未按预期工作。它不返回任何结果,即NULL login.php <?php include('conn.php'); class Login extends Connection { private $dbEmail; private $dbPassword; private
if…elseif…elseNULL<?php
include('conn.php');
class Login extends Connection {
private $dbEmail;
private $dbPassword;
private $query;
public $emError;
public $paError;
public function loginFormHandler($email, $password) {
$this->query = $this->DB_CONN->prepare("SELECT `email`, `password` FROM `users` WHERE `email` = :email AND `password` = :password");
$this->query->bindParam(':email', $email);
$this->query->bindParam(':password', $password);
$this->query->execute();
while($row = $this->query->fetch(PDO::FETCH_ASSOC)) {
$this->dbEmail = $row['email'];
$this->dbPassword = $row['password'];
}
if ($this->dbEmail === $email && $this->dbPassword !== $password) {
$this->paError = 'Password Error';
}
}
public function errors() {
return array($this->emError, $this->paError);
}
}
<?php
include('class/login.php');
$err = [];
if(isset($_POST['email']) && isset($_POST['password'])) {
$email = $_POST['email'];
$password = $_POST['password'];
if(!empty($email) && !empty($password)) {
$user = new Login;
$user->loginFormHandler($email, $password);
var_dump($err = $user->errors());
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Login Form</title>
</head>
<body>
<div class="form">
<form action="/oop/index.php" method="POST" accept-charset="UTF-8">
<label for="email">Email: </label><br>
<input type="email" name="email" required><br>
<?php if($err) {echo $err[0];} ?><br>
<label for="password">Password: </label><br>
<input type="password" name="password" required><br>
<?php if($err) {echo $err[1];} ?><br>
<input type="submit" value="Login">
</form>
</div>
</body>
</html>
如果您的代码中包含了数据库中的电子邮件和密码,那么很明显密码永远不会出错(如果密码出错,则不会从db=NULL中获取任何内容)。您的代码如下所示:
class Login extends Connection {
private $email;
private $password;
private $query;
public $emError;
public $paError;
private function selectLogin(){
$this->query = $this->DB_CONN->prepare("SELECT `email`, `password` FROM `users` WHERE `email` = :email AND `password` = :password LIMIT 1");
$this->query->bindParam(':email', $this -> email);
$this->query->bindParam(':password', $this -> password);
$this->query->execute();
return $this->query->fetch(PDO::FETCH_ASSOC);
}
public function loginFormHandler($email, $password){
$this -> email = $email;
$this -> password = $password;
$result = $this -> selectLogin();
if(is_null($result)){
$this->emError = $this -> email;
$this->paError = 'Email or Password error';
} else {
// do something
}
}
public function errors() {
return array($this->emError, $this->paError);
}
}
只需检查行是否存在,如果存在,则启动会话。否则重定向回错误
您可以通过fetchColumn()
您的登录函数应该如下所示
public function loginFormHandler($email, $password) {
$this->query = $this->DB_CONN->prepare("SELECT `email`, `password` FROM `users` WHERE `email` = :email AND `password` = :password");
$this->query->bindParam(':email', $email);
$this->query->bindParam(':password', $password);
$res=$this->query->execute();
$num_rows = $res->fetchColumn();
if ($num_rows>0) {
$row = $this->query->fetch(PDO::FETCH_ASSOC);
echo "success";
//Do something
}
else{
echo 'email or password is not valid';
//or do something
}
}
不要在数据库中存储纯文本密码,请使用哈希。请参阅password\u hash/password\u verify。您的方法loginFormHandler在哪里?您的方法loginFormHandler不返回任何内容。@Progrock和它不应返回任何内容,因为错误是在单独的方法中检查的,@Progrock非常清楚地指出:“不要在数据库中存储纯文本密码,请使用哈希。请参阅password\u hash
/password\u verify
PHP函数。“。没有任何借口。如果你在练习作业中设置了快捷方式,那么你将在“真实”作业中设置快捷方式。不要成为问题。