PHP PDO登录脚本不起作用 [英] PHP PDO Login script not working
本文介绍了PHP PDO登录脚本不起作用的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
另一个新手在这里. 我正在尝试修复以下代码,以防止sql注入,并学习编写php和sql的新方法.
Another newbie here.. I'm trying to fix below code to prevent sql injection and learn the new way of writing php and sql.
非常感谢您的建议.
我修改了
<?php
class DB_Functions {
private $db;
function __construct() {
require_once 'db_connect.php';
$this->db = new DB_Connect();
$this->db->connect();
}
public function getUser($uid, $password) {
$result = mysql_query("SELECT * FROM users WHERE id = '$uid' AND pswd = '$password'") or die(mysql_error());
$no_of_rows = mysql_num_rows($result);
if ($no_of_rows > 0) {
$result = mysql_fetch_array($result);
return $result;
} else {
return false;
}
}
}
?>
对此,我没有得到相同的结果.
to this and i don't get the same result..
<?php
class DB_Functions {
private $db;
function __construct() {
require_once 'db_connect.php';
$this->db = new DB_Connect();
$this->db->connect();
}
public function getUser($uid, $password) {
$sql = $db->prepare("SELECT * FROM users WHERE id=:id AND pswd=:password");
$result = $db->query($sql);
$no_of_rows = mysql_num_rows($result);
if ($no_of_rows > 0) {
$result = mysql_fetch_array($result);
return $result;
} else {
return false;
}
}
}
?>
推荐答案
您不能将mysql与mysqli或PDO混合使用.您需要查看错误日志,因为这不可能发生-您应该看到大量致命错误.
You can't mix mysql with mysqli or PDO. You need to look at your error logs because this should not be possible - you should be seeing tons of fatal errors.
public function getUser($uid, $password) {
$stmt = $db->prepare("SELECT * FROM users WHERE id=? AND pswd=?");
$stmt->execute(array($uid, $password));
return $stmt->fetch();
}
这篇关于PHP PDO登录脚本不起作用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文