目前正在尝试运行一个查询,我已经成功地通过添加确切的用户名使其正常工作,但是当我尝试使用当前查询来使用 $_Session 标识的用户名时,它不起作用。
<?php
include ("config.php");
session_start();
$username = $_SESSION['username'];
$stmt = $db->exec ("UPDATE users SET lastlogindate = NOW() WHERE username = '$username'");
?>
编辑 - Login.php 代码
<?php
require("config.php");
$submitted_username = '';
if(!empty($_POST)){
$query = "
SELECT
id,
username,
password,
salt,
email
FROM users
WHERE
username = :username
";
$query_params = array(
':username' => $_POST['username']
);
try{
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex){ die("Failed to run query: " . $ex->getMessage()); }
$login_ok = false;
$row = $stmt->fetch();
if($row){
$check_password = hash('sha256', $_POST['password'] . $row['salt']);
for($round = 0; $round < 65536; $round++){
$check_password = hash('sha256', $check_password . $row['salt']);
}
if($check_password === $row['password']){
$login_ok = true;
}
}
if($login_ok){
unset($row['salt']);
unset($row['password']);
$_SESSION['user'] = $row;
header("Location: main.php");
die("Redirecting to: main.php");
}
else{
print("Login Failed.");
$submitted_username = htmlentities($_POST['username'], ENT_QUOTES, 'UTF-8');
}
};
?>
最佳答案
你设置$row进入$_SESSION['user']在 login.php 中,然后通过 $_SESSION['username'] 获取它错误地,你应该使用 $_SESSION['user']相反。
试试这个:
<?php
include ("config.php");
session_start();
$username = $_SESSION['user'];
$stmt = $db->prepare("UPDATE users SET lastlogindate = NOW() WHERE username = ?");
$stmt->bindParam(1, $username['username']);
$stmt->execute();
?>
关于php - 在 PHP 中使用 session ID 作为用户名 INSERT,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/19986723/