Fatal编程技术网
  • php/
  • 带有查询和PDO使用的PHP语法

带有查询和PDO使用的PHP语法

php mysql sql

带有查询和PDO使用的PHP语法,php,mysql,sql,pdo,Php,Mysql,Sql,Pdo,我试图创建一个php登录文件,用于查询SQL数据库中的正确用户名和密码。当我从dao.php调用我的方法时,我的checklogin.php似乎挂起。我有一个register.php,它可以很好地与我的dao.php配合使用。下面是我所有的代码。我相信我的问题来自dao.php中的getUser()函数 checklogin.php: <?php require_once "DAO.php"; $dao = new DAO(); // Get data from f

我试图创建一个php登录文件,用于查询SQL数据库中的正确用户名和密码。当我从
dao.php
调用我的方法时,我的
checklogin.php
似乎挂起。我有一个
register.php
,它可以很好地与我的
dao.php
配合使用。下面是我所有的代码。我相信我的问题来自
dao.php
中的getUser()函数

checklogin.php:

    <?php
  require_once "DAO.php";
  $dao = new DAO();

  // Get data from form POST
  $username = (isset($_POST["username"])) ? $_POST["username"] : "";
  $password = (isset($_POST["password"])) ? $_POST["password"] : "";

  // MySQL Injection Protection Section (the rhymez)
  $username = stripslashes($username);
  $password = stripslashes($password);

  $username = mysql_real_escape_string($username);
  $password = mysql_real_escape_string($password);
  // End protection

  //echo $username;
  //echo $password;
  //echo $dao->getUser($username, $password);

  if(!$dao->getUser($username, $password)){
    //echo "Wrong usernamer or password";
    header("location: login.html");
  }
  else{
    //echo "Logic successful";
    header("location: index.php");
  }
?>
checklogin.php:

<?php
      require_once "DAO.php";
      $dao = new DAO();

      // Get data from form POST
      $username = (isset($_POST["username"])) ? $_POST["username"] : "";
      $password = (isset($_POST["password"])) ? $_POST["password"] : "";

      // MySQL Injection Protection Section (the rhymez)
      $username = stripslashes($username);
      $password = stripslashes($password);
      // End protection

      // Failure
      if($dao->getUser($username, $password)){
        header("location: login.html");
      }
      // Successful login
      else{
        header("location: index.php");
      }
    ?>

<?php
require_once "DAO.php";
require_once "pdo.php";
$dao = new DAO($pdo);

if(isset($_POST["username"]) && $dao->getUser($_POST["username"], $_POST["password"]))
{
    header("location: index.php");

} else {

    header("location: login.html");
}
谢谢大家的帮助。

这段代码有太多错误,需要一周时间来解释所有错误、错误做法和迷信。所以,只有代码

class DAO {

  function __construct($pdo) {
    $this->db = $pdo;
  }

  public function registerUser($username, $password, $email, $name) {
    $sql = "INSERT INTO users(login, pass, email, fname) VALUES (?, ?, ?, ?)";
    $stm = $this->db->prepare($sql);
    $stm->execute(func_get_args());
  }

  public function getUser($username, $password){
    $sql = "SELECT id,password FROM users where login=?";
    $stm = $this->db->prepare($sql);
    $stm->execute([$username]);
    $row = $stm->fetch();
    if (password_verify($password, $row['password'])) {
        $_SESSION['user'] = $row['id'];
        return TRUE;
    }
  }
}
checklogin.php:

<?php
      require_once "DAO.php";
      $dao = new DAO();

      // Get data from form POST
      $username = (isset($_POST["username"])) ? $_POST["username"] : "";
      $password = (isset($_POST["password"])) ? $_POST["password"] : "";

      // MySQL Injection Protection Section (the rhymez)
      $username = stripslashes($username);
      $password = stripslashes($password);
      // End protection

      // Failure
      if($dao->getUser($username, $password)){
        header("location: login.html");
      }
      // Successful login
      else{
        header("location: index.php");
      }
    ?>

<?php
require_once "DAO.php";
require_once "pdo.php";
$dao = new DAO($pdo);

if(isset($_POST["username"]) && $dao->getUser($_POST["username"], $_POST["password"]))
{
    header("location: index.php");

} else {

    header("location: login.html");
}
不要在PDO中使用mysql\u real\u escape\u字符串。如果您使用了正确的参数,则不需要这样做,这实际上可能是问题的原因,尽管实际的“挂起”很奇怪。这个问题似乎与主题无关,因为它是关于转储所有代码而不将其调试为仅相关的位。复制了所有您拥有的,现在,我的register和login加载一个空白页面,其中URL分别为register.php和checklogin.php。我的注册表以前运行良好,但签入将是一个空白页。 
<?php
require_once "DAO.php";
require_once "pdo.php";
$dao = new DAO($pdo);

if(isset($_POST["username"]) && $dao->getUser($_POST["username"], $_POST["password"]))
{
    header("location: index.php");

} else {

    header("location: login.html");
}

<?php
require_once "DAO.php";
require_once "pdo.php";
$dao = new DAO();

// this section is flawed too but I can't write ALL the app
$username = (isset($_POST["username"])) ? $_POST["username"] : die('Error: Username / Password field was blank');
$password = (isset($_POST["password"])) ? $_POST["password"] : header("location: index.php");
$email = (isset($_POST["email"])) ? $_POST["email"] : "";
$name = (isset($_POST["name"])) ? $_POST["name"] : "";

$dao->registerUser($username, $password, $email, $name);
header("location: appointment.php");

$dsn = "mysql:host=localhost;dbname=webdev;charset=utf8";
$opt = array(
    PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC
);
$pdo = new PDO($dsn,'root','secret', $opt);