mysqli php安全登录脚本错误 [英] Errors with mysqli php secure login script
本文介绍了mysqli php安全登录脚本错误的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我搜索了google,阅读了PHP手册,并尝试了一些教程来为mysqli和PHP创建安全的登录脚本.有人知道没有md5
的实际工作吗?
I have searched google, read in the PHP manual and tried several tutorials to make a secure login script for mysqli and PHP. Does anyone know of one that actually works without md5
?
如果可能的话,我想看一些工作代码或教程.
I would like to see some working code or a tutorial if possible.
即使在将值硬编码到脚本中之后,我的数据库也不会实际查询数据库或返回值...我正在寻找类似的东西:
Mine won't actually query the db or return a value, even after hardcoding the values into the script... I'm looking for something like:
- 使用"connectdb"文件进行连接
- 通过表单发布用户/密码
- 查询用户/密码的数据库
- 使用用户名设置会话
- 等
这是我的无效代码:
<?php
include ("conectionlink.php");
//connection errors if any...
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
$userid = htmlentities($_POST['userid'], ENT_QUOTES);
$password = htmlentities($_POST['password'], ENT_QUOTES);
//create a prepared statement
if ($stmt = $mysqli->prepare("SELECT userid, password FROM admins WHERE userid=? and password=?")) {
// bind parameters-define them...
$stmt->bind_param("is", $userid, $password);
//execute...
$stmt->execute();
// bind result variables
$stmt->bind_result($userid,$password)
//fetch value
$stmt->fetch();
var_dump($userid, $password);
printf("%n is associated with %s", $userid, $password);
/* close statement */
$stmt->close();
}
/* close connection */
$mysqli->close();
?>
我收到以下错误消息:
推荐答案
According to the PHP documentation for mysqli, bind_result()
syntax should be in one line, rather than performing multiple binds:
bind_result ( mixed &$var1 [, mixed &$... ] )
所以,代替这个:
$stmt->bind_result($userid);
$stmt->bind_result($password);
尝试这样做:
$stmt->bind_result($userid,$password);
这篇关于mysqli php安全登录脚本错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文