我正在为大学做一个项目,我们必须创建一个博客
I am doing a project for college where we have to create a weblog
此代码包含在 SQL.php 文件中,该文件包含 SQL 的所有函数:
函数check_login($user_name, $密码){
#create the PDO object
/**
* Used to instanciate the host of the server
* @var string
*/
$hostname = 'localhost';
/**
* Used to instanciate the username to connect to the server
* @var string
*/
$username = 'ODBC';
/**
* Used to instanciate the password to connect to the server
* @var string
*/
$pass = "";
/**
* Used to instanciate the database name
* @var string
*/
$db_name = 'bloggie_db';
try{
mysql_query("SET NAMES 'utf8");
$dbh = new PDO("mysql:host=$hostname;dbname=$db_name" , $username, $pass);
#set PDO error mode to exception
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
#Check to see if the user exists
$stmt = $dbh->query("SELECT password, username, firstname, surname FROM users WHERE username = '" . $user_name . "'");
$row = $stmt->fetch(PDO::FETCH_ASSOC);
$check_username = $row['username'];
$check_password = $row['password'];
$name = $row['firstname'];
$surname = $row['surname'];
if ($row){
if($check_password=$password & $check_username=$user_name){
header("Content-Type: text/html; charset=utf-8");
echo 'pass check= ' . $check_password . ' password= '. $password . ' firstname= ' . $name . ' surname= ' . $surname;
return array($name, $surname);
}else{
echo "Your details are invalid.";
return false;
}
}else{
echo "Your account does not exist";
}
}catch(PDOException $e){
$e->getTrace();
}
$dbh = null;
}
打印密码时,我得到一个包含 gaves 的奇怪值,例如 "dapb`",而该值实际上应该是 6544。
在 Login.php 中我调用了 sql 函数:
/**
* Requesting the users username from Bloggie_Welcome.php
* @var string
*/
$username = $_REQUEST['Email'];
/**
* Retrieving the users password from Bloggie_Welcome.php
* @var string
*/
$password = $_REQUEST['Password'];
#Including the path to the validation object
include '../Objects/SQL.php';
#Instanciating the SQL object
$sql = new SQL();
#Calling the sql function check_login
$details = $sql->check_login($username, $password);
session_start();
if(isset($details)){
$_SESSION['username'] = $username;
$_SESSION['firstname'] = $details[0];
$_SESSION['surname'] = $details[1];
//header("Location: ../Bloggie_Profile.php");
}
我似乎无法理解为什么当我打印用户名、密码、名字和姓氏时,除了密码之外所有数据都是正确的。
创建用户table:
函数 create_Users(){
#create the PDO object
/**
* Used to instanciate the host of the server
* @var string
*/
$hostname = 'localhost';
/**
* Used to instanciate the username to connect to the server
* @var string
*/
$username = 'ODBC';
/**
* Used to instanciate the password to connect to the server
* @var string
*/
$password = "";
/**
* Used to instanciate the database name
* @var string
*/
$db_name = 'bloggie_db';
try{
$dbh = new PDO("mysql:host=$hostname;dbname=$db_name" , $username, $password);
echo "<br/>Database connected <br/>";
#set PDO error mode to exception
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
#create users table
$sqlU = 'CREATE TABLE users('.
'user_id INT NOT NULL AUTO_INCREMENT,'.
'firstname VARCHAR(50),'.
'surname VARCHAR(50),'.
'username VARCHAR(100),'.
'password VARCHAR(255),'.
'contact_num VARCHAR(10),'.
'email VARCHAR(100),'.
'gender VARCHAR(50),'.
'DOB DATE,'.
'profile_path VARCHAR(200),'.
'bio VARCHAR(255),'.
'PRIMARY KEY(user_id))';
$dbh->exec($sqlU);
echo "<br/> Users table dropped.";
$dbh = null;
}catch(PDOException $e){
echo "<br/>" . $e->getMessage() . "<br/>";
die(print_r($e->getTrace()));
}
}
请大家帮帮我 :(.
我认为您犯了最常见的编程错误,只是运算符拼写错误:
if($check_password=$password & $check_username=$user_name){
这就是为什么您首先将 $chack_password
分配给 $password
并对其执行二元与 (&
) 运算符(而不是 &&
(AND))并使用 $user_name
。 password
现在 returns 一个不同的值。
修复一下应该就可以了
此代码包含在 SQL.php 文件中,该文件包含 SQL 的所有函数:
函数check_login($user_name, $密码){
#create the PDO object
/**
* Used to instanciate the host of the server
* @var string
*/
$hostname = 'localhost';
/**
* Used to instanciate the username to connect to the server
* @var string
*/
$username = 'ODBC';
/**
* Used to instanciate the password to connect to the server
* @var string
*/
$pass = "";
/**
* Used to instanciate the database name
* @var string
*/
$db_name = 'bloggie_db';
try{
mysql_query("SET NAMES 'utf8");
$dbh = new PDO("mysql:host=$hostname;dbname=$db_name" , $username, $pass);
#set PDO error mode to exception
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
#Check to see if the user exists
$stmt = $dbh->query("SELECT password, username, firstname, surname FROM users WHERE username = '" . $user_name . "'");
$row = $stmt->fetch(PDO::FETCH_ASSOC);
$check_username = $row['username'];
$check_password = $row['password'];
$name = $row['firstname'];
$surname = $row['surname'];
if ($row){
if($check_password=$password & $check_username=$user_name){
header("Content-Type: text/html; charset=utf-8");
echo 'pass check= ' . $check_password . ' password= '. $password . ' firstname= ' . $name . ' surname= ' . $surname;
return array($name, $surname);
}else{
echo "Your details are invalid.";
return false;
}
}else{
echo "Your account does not exist";
}
}catch(PDOException $e){
$e->getTrace();
}
$dbh = null;
}
打印密码时,我得到一个包含 gaves 的奇怪值,例如 "dapb`",而该值实际上应该是 6544。
在 Login.php 中我调用了 sql 函数:
/**
* Requesting the users username from Bloggie_Welcome.php
* @var string
*/
$username = $_REQUEST['Email'];
/**
* Retrieving the users password from Bloggie_Welcome.php
* @var string
*/
$password = $_REQUEST['Password'];
#Including the path to the validation object
include '../Objects/SQL.php';
#Instanciating the SQL object
$sql = new SQL();
#Calling the sql function check_login
$details = $sql->check_login($username, $password);
session_start();
if(isset($details)){
$_SESSION['username'] = $username;
$_SESSION['firstname'] = $details[0];
$_SESSION['surname'] = $details[1];
//header("Location: ../Bloggie_Profile.php");
}
我似乎无法理解为什么当我打印用户名、密码、名字和姓氏时,除了密码之外所有数据都是正确的。
创建用户table: 函数 create_Users(){
#create the PDO object
/**
* Used to instanciate the host of the server
* @var string
*/
$hostname = 'localhost';
/**
* Used to instanciate the username to connect to the server
* @var string
*/
$username = 'ODBC';
/**
* Used to instanciate the password to connect to the server
* @var string
*/
$password = "";
/**
* Used to instanciate the database name
* @var string
*/
$db_name = 'bloggie_db';
try{
$dbh = new PDO("mysql:host=$hostname;dbname=$db_name" , $username, $password);
echo "<br/>Database connected <br/>";
#set PDO error mode to exception
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
#create users table
$sqlU = 'CREATE TABLE users('.
'user_id INT NOT NULL AUTO_INCREMENT,'.
'firstname VARCHAR(50),'.
'surname VARCHAR(50),'.
'username VARCHAR(100),'.
'password VARCHAR(255),'.
'contact_num VARCHAR(10),'.
'email VARCHAR(100),'.
'gender VARCHAR(50),'.
'DOB DATE,'.
'profile_path VARCHAR(200),'.
'bio VARCHAR(255),'.
'PRIMARY KEY(user_id))';
$dbh->exec($sqlU);
echo "<br/> Users table dropped.";
$dbh = null;
}catch(PDOException $e){
echo "<br/>" . $e->getMessage() . "<br/>";
die(print_r($e->getTrace()));
}
}
请大家帮帮我 :(.
我认为您犯了最常见的编程错误,只是运算符拼写错误:
if($check_password=$password & $check_username=$user_name){
这就是为什么您首先将 $chack_password
分配给 $password
并对其执行二元与 (&
) 运算符(而不是 &&
(AND))并使用 $user_name
。 password
现在 returns 一个不同的值。
修复一下应该就可以了