使用php中的用户名或电子邮件地址登录 [英] login with username or email address in php

问题描述

我正在尝试使用用户名或电子邮件创建登录名

I am trying to create a login with username or email

我的代码是:

$username=$_REQUEST['login'];
$email=$_REQUEST['login'];
$password=$_REQUEST['password'];

if($username && $password) {
  $query="select * from  user_db where username='$username'  and password='$password'";
} else if ($email && $password) {
  $query="select * from  user_db where email='$email' and password='$password'";
}

使用用户名登录成功，但是无法使用电子邮件登录.请帮帮我！

Login with username is success but login with email is not working. Please help me!

推荐答案

电子邮件和用户名的登录参数相同.如果您有一个接受任一登录框的登录名，那不是完全不正确.

The login parameter is the same for both email and username. Not exactly incorrect if you have a single login box that accepts either.

如果不确定是电子邮件地址还是用户名，则可以将条件放入查询本身.

You could put the condition in the query itself if you're not sure if it's an email or username.

$login=$_REQUEST['login'];
$query = "select * from  user_db where ( username='$login' OR email = '$login') and password='$password'"

修改: 如今，像PDO一样的解决方案更为可取，因为上面的内容需要进行SQL注入.逻辑保持不变，但是您将看起来像这样:

A PDO-like solution is much more preferred nowadays as the above is subject to SQL injection. The logic stays the same, but you'd have it look something like this:

$query = "
    SET @username = :username
    SELECT * FROM user_db
       WHERE ( username = @username OR email = @username) 
       AND password = :password
";

$statement = $pdoObject->prepare($query);
$statement->bindValue(":username", $login, PDO::PARAM_STR);
$statement->bindValue(":password", $password, PDO::PARAM_STR);
$statement->execute();

这篇关于使用php中的用户名或电子邮件地址登录的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！