PDO MySQL简单登录 [英] PDO MySQL Simple Login

问题描述

我只是想学习PDO并制作一个简单的脚本，遵循网络上的一些教程。



我制作了一个简单的脚本来自文本框的用户和密码，并与MySQL数据库中存储的数据进行比较。



脚本似乎正常工作，但我总是收到登录错误，它必须只有当用户被标记为Admin才能进行访问，将来我会处理更多类型的用户。



这是我的部分代码，用于向checklogin发送复选框数据，我已经使用GET方法进行测试，所以我可以轻松地在URL中发送变量数据。

  echo  ' < form method =GETaction =inc / login / CheckLogin.php>'; 
  echo  ' < input type = textplaceholder =用户名class =form-controlid =username =uservalue =>'; 
  echo  ' < input type =密码placeholder =密码class =form-controlid =passname =passvalue =>'; 
  echo  ' < input type =提交value =登录>  

数据库连接使用此文件，名为dbcon.php 
 
 <   pre     lang   =  PHP  >  
 $ user ='andreaem'; 
 $ pass =''; //出于安全原因隐藏密码
 
 try {
 $ dbh = new PDO（mysql：host = 127.0.0.1; dbname = c9，$ user，$ pass）; 
 echo'con ok'; 
} 
 catch（PDOException $ e）
 {
 echo $ e-& gt; getMessage（）; 
} <   / pre  >  

这是checklogin页面

 session_start（）;  //  开始会话 
 
包括'  ../ dbcon.php';  //  包括连接程序 
 
  $ user  = $ _GET ['  user'];  //  获取登录数据 
  $ pass  = $ _GET ['  pass'];  //  获取密码 
 
  $ STM  = $ dbh-> prepare（  SELECT类型FROM成员WHERE UserName = $ user AND Password = $ pass）;  //  准备查询 
 
 $ _SESSION [Connection] = $ dbh;  //  商店查询结果 
 
  $ STM   - >执行（）;  //  执行查询 
 
  $ count  =  $ STM   - >行计数（）;  //   count db rows  
 
  $ STM   - >取（）;  //  获取结果 
 
 if（$ count = 1）{
 $ _SESSION [type] = $ row [0];  //  在会话中存储用户角色 
 $ _SESSION [myusername] = $ user;  //  在会话中存储用户名 
} 
 
 if（$ row [0] == '  Admin'）{header（  location：../../ index.php？status = 2）;}  / /  将管理员用户重定向到状态为2的索引 
  else  {header（< span class =code-string>  location：../../ index.php？status = 1）; }  //  将登录错误重定向到状态为1的索引 
 
  $ dbh  =  null ;  //  干净查询 

我知道这不是完美的安全原因，但我不打算在生产中使用这个脚本。



一旦登录，标题重定向回登录页面，如果登录成功则将变量$ status设置为2，如果登录失败则设置为1。



我每次尝试都获得$ status = 1 ，当我尝试使用var_dump（）捕获错误时，我什么都没有。



在我的php_error文件中，我得到了这个：

 [17-Jul-2015 08:41:21 UTC] PHP致命错误：未捕获异常'PDOException'，消息'您无法序列化或反序列化PDO实例'活动文件]：0 
堆栈跟踪：
＃0 [内部功能]：PDO-> __ sleep（）
＃1 {main} 
抛出[无活动文件]第0行

等待回复，非常感谢。

解决方案

user ='a ndreaem ';

传=''; //出于安全原因隐藏密码

try {

dbh = new PDO（mysql：host = 127.0.0.1; dbname = c9，

Hi, i'm just trying to learn PDO and make a simple script following some tutorials on the web.

I've make a simple script that take user and password from textboxes and compare with the stored data in a MySQL Database.

The script seems to be working, but i always receive a login error, it must to give access only if an user is marked as Admin, in future i will handle more type of users.

Here is my portion of code that send checkbox data to checklogin, i've used the GET method just for testing, so i can test easely sending variable data in the URL.

echo '<form method="GET" action="inc/login/CheckLogin.php" >';
echo '<input type="text" placeholder="Username" class="form-control"  id="user" name="user" value="">';
echo '<input type="password" placeholder="Password" class="form-control"  id="pass" name="pass" value="">';
echo '<input type="submit" value="Login">

The DB connect using this file, called dbcon.php

<pre lang="PHP">
$user='andreaem';
$pass=''; //password hide for security reason

try {
$dbh = new PDO("mysql:host=127.0.0.1;dbname=c9", $user,$pass);
echo 'con ok';
    }
catch(PDOException $e)
    {
    echo $e-&gt;getMessage();
    }</pre>

And this is the checklogin page

session_start(); //starting session

include '../dbcon.php'; //including connection procedure

$user = $_GET['user']; //get login data
$pass = $_GET['pass']; //get password 

$STM = $dbh->prepare("SELECT Type FROM members WHERE UserName = $user AND Password = $pass"); //prepare query

$_SESSION[Connection]=$dbh; //store query result

$STM -> execute(); // execute query

$count = $STM -> rowcount(); //count db rows

$STM -> fetch(); //fetch result

if($count = 1) {
    $_SESSION[type]=$row[0]; //store user roles in session
	$_SESSION[myusername]=$user; // store username in session
}

if($row[0] == 'Admin')	 { header( "location:../../index.php?status=2");}  //redirect admin user to index with status 2
    else    { header( "location:../../index.php?status=1"); }  //redirect on login error to index with status 1
    
$dbh = null; //clean query 

I know that's not perfect for security reason, but i'm not planning to use this script on production.

Once it make the login, the header redirect back to the login page, setting the variable $status to 2 if login success and 1 if login failed.

I got $status=1 every time i try, and when i try to catch error using var_dump() i got nothing.

In my php_error file i got this:

[17-Jul-2015 08:41:21 UTC] PHP Fatal error:  Uncaught exception 'PDOException' with message 'You cannot serialize or unserialize PDO instances' in [no active file]:0
Stack trace:
#0 [internal function]: PDO->__sleep()
#1 {main}
  thrown in [no active file] on line 0

Waiting for a reply, thanks a lot.

解决方案

user='andreaem';

pass=''; //password hide for security reason try {

dbh = new PDO("mysql:host=127.0.0.1;dbname=c9",

这篇关于PDO MySQL简单登录的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！