php - 如果 int 具有特定值,则执行某些操作,如果没有,则执行其他操作

标签 php html mysql database localhost

我正在尝试对我的用户进行排名,从 1 到 7。如果登录用户的排名为 7,请说“您是员工”。如果没有,那就做点别的事。但如果我给用户 1 排名 7,什么也不会发生。然后,如果我给用户 2 排名 7,两个人都会收到消息说您是员工。

我已经为此苦苦挣扎了三天,但没有找出问题所在。我希望网站做的是查明登录用户是否排名为 7(如果有其他用户排名为 7,则只有登录用户排名为 7),如果我的数据库中的其他人排名为 7,而不是您,那么您就是排名 7 的用户。您不应该收到“您是员工”的消息。我有一个名为 GamesNet 的数据库,一个名为 members 的表,我的用户 ID 名为 memberID我还有其他几个名为 username 的专栏, password , emailRank .

这是一个不错的设置,对吧? 这是我的代码:

$stmt = $db->prepare('SELECT Rank, memberID from members where memberID');
$stmt->bindParam(7,$memberID, PDO::PARAM_INT);
$stmt->execute();

$result = $stmt->fetch(PDO::FETCH_ASSOC);
if($result['Rank'] == 7){
    echo "You are a staff member.";
}else{
    echo "Hello you are not a staff.";
}

?>

编辑:

user.php: 

        <?php
        include('password.php');
        class User extends Password{

            private $_db;

            function __construct($db){
                parent::__construct();

                $this->_db = $db;
            }

            private function get_user_hash($username){

                try {
                    $stmt = $this->_db->prepare('SELECT password, username, memberID FROM members WHERE username = :username AND active="Yes" ');
                    $stmt->execute(array('username' => $username));

                    return $stmt->fetch();

                } catch(PDOException $e) {
                    echo '<p class="bg-danger">'.$e->getMessage().'</p>';
                }
            }

            public function login($username,$password){

                $row = $this->get_user_hash($username);

                if($this->password_verify($password,$row['password']) == 1){

                    $_SESSION['loggedin'] = true;
                    $_SESSION['username'] = $row['username'];
                    $_SESSION['memberID'] = $row['memberID'];


                    return true;
                }
            }

            public function logout(){
                session_destroy();
            }

            public function is_logged_in(){
                if(isset($_SESSION['loggedin']) && $_SESSION['loggedin'] == true){
                    return true;
                }
            }

        }


        ?>

    Memberpage.php
        <?php require('includes/config.php'); 



        $memberID = user;
        $stmt = $db->prepare('select rank, memberid from members');
        $stmt->execute();
        while ($result = $stmt->fetch(PDO::FETCH_ASSOC)) {
            if ($result['rank'] == 7) {
                echo "You are a staff member.";
            } else {
                echo "Hello you are not a staff.";

//When i run this code, it tells me im not staff, even tho i am rank 7.
            }
        }




        //if not logged in redirect to login page
        if(!$user->is_logged_in()){ header('Location: login.php'); } 


        //define page title
        $title = 'Members Page';

        //include header template
        require('layout/header.php'); 
        ?>

        <div class="container">

            <div class="row">

                <div class="col-xs-12 col-sm-8 col-md-6 col-sm-offset-2 col-md-offset-3">

                        <h2>Member only page - Welcome <?php echo $_SESSION['username']; ?></h2>
               <p><a href='logout.php'>Logout</a></p>
                        <hr>

                </div>
            </div>


        </div>



        <?php


/*
$stmt = $db->prepare('select Rank, memberID from members');
$stmt->execute();
while ($result = $stmt->fetch(PDO::FETCH_ASSOC)) {
    if ($result['Rank'] == 7) {

        echo "You are a staff member."; 
       echo $result['Rank'];

    } else {
        echo "Hello you are not a staff.";
    }
}
*/
//When i run this code, it works. But it gives me the messages for all registrered users. 
    ?>

登录.php

<?php
//include config
require_once('includes/config.php');

//check if already logged in move to home page
if( $user->is_logged_in() ){ header('Location: index.php'); } 

//process login form if submitted
if(isset($_POST['submit'])){

    $username = $_POST['username'];
    $password = $_POST['password'];

    if($user->login($username,$password)){ 
        $_SESSION['username'] = $username;
        header('Location: memberpage.php');
        exit;

    } else {
        $error[] = 'Wrong username or password or your account has not been activated.';
    }

}//end if submit

//define page title
$title = 'Login';

//include header template
require('layout/header.php'); 
?>


<div class="container">

    <div class="row">

        <div class="col-xs-12 col-sm-8 col-md-6 col-sm-offset-2 col-md-offset-3">
            <form role="form" method="post" action="" autocomplete="off">
                <h2>Please Login</h2>
                <p><a href='./'>Back to home page</a></p>
                <hr>

                <?php
                //check for any errors
                if(isset($error)){
                    foreach($error as $error){
                        echo '<p class="bg-danger">'.$error.'</p>';
                    }
                }

                if(isset($_GET['action'])){

                    //check the action
                    switch ($_GET['action']) {
                        case 'active':
                            echo "<h2 class='bg-success'>Your account is now active you may now log in.</h2>";
                            break;
                        case 'reset':
                            echo "<h2 class='bg-success'>Please check your inbox for a reset link.</h2>";
                            break;
                        case 'resetAccount':
                            echo "<h2 class='bg-success'>Password changed, you may now login.</h2>";
                            break;
                    }

                }


                ?>

                <div class="form-group">
                    <input type="text" name="username" id="username" class="form-control input-lg" placeholder="User Name" value="<?php if(isset($error)){ echo $_POST['username']; } ?>" tabindex="1">
                </div>

                <div class="form-group">
                    <input type="password" name="password" id="password" class="form-control input-lg" placeholder="Password" tabindex="3">
                </div>

                <div class="row">
                    <div class="col-xs-9 col-sm-9 col-md-9">
                         <a href='reset.php'>Forgot your Password?</a>
                    </div>
                </div>

                <hr>
                <div class="row">
                    <div class="col-xs-6 col-md-6"><input type="submit" name="submit" value="Login" class="btn btn-primary btn-block btn-lg" tabindex="5"></div>
                </div>
            </form>
        </div>
    </div>



</div>


<?php 
//include header template
require('layout/footer.php'); 
?>

最佳答案

select 语句中的 where 子句缺少 parameter marker ,例如

SELECT Rank, memberID from members where memberID = ?

然后bindParam必须使用 1 而不是 7,因为它是第一个也是唯一的参数标记

$stmt->bindParam(1,$memberID, PDO::PARAM_INT);
<小时/>

您还可以跳过 bindParam 并将 memberId 作为数组传递给 execute

$stmt->execute(array($memberId));
<小时/>

仅处理一个用户

$memberID = 1234;
$stmt = $db->prepare('select rank, memberid from members where memberid = ?');
$stmt->execute(array($memberID));
$result = $stmt->fetch(PDO::FETCH_ASSOC);
if ($result['rank'] == 7) {
    echo "You are a staff member.";
} else {
    echo "Hello you are not a staff.";
}
<小时/>

获取所有用户

$stmt = $db->prepare('select rank, memberid from members');
$stmt->execute();
while ($result = $stmt->fetch(PDO::FETCH_ASSOC)) {
    if ($result['rank'] == 7) {
        echo "You are a staff member.";
    } else {
        echo "Hello you are not a staff.";
    }
}
<小时/>

您在 login 函数中已拥有 $_SESSION['memberID']。所以你可以使用它

$stmt = $db->prepare('select rank, memberid from members where memberid = ?');
$stmt->execute(array($_SESSION['memberID']));

并拥有所需的数据。

<小时/>

更好的是,您可以使用

扩展函数 get_user_hash
// user.php, function get_user_hash()
$stmt = $this->_db->prepare('SELECT password, username, memberID, Rank FROM members WHERE username = :username AND active="Yes" ');

这将一次性提供排名,并避免额外的数据库往返。然后,您可以在函数 login 中保存排名

// user.php, function login()
// ...
$_SESSION['loggedin'] = true;
$_SESSION['username'] = $row['username'];
$_SESSION['memberID'] = $row['memberID'];
$_SESSION['Rank'] = $row['Rank'];

现在您可以检查

// Memberpage.php
if ($_SESSION['Rank'] == 7) {
    echo "You are a staff member.";
} else {
    echo "Hello you are not a staff.";
}

无需执行另一个 SQL 查询。

关于php - 如果 int 具有特定值,则执行某些操作,如果没有,则执行其他操作,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/41815875/

相关文章:

php - Vagrant 服务器没有出现?

html - 响应式文本标题

php - 有人可以帮助找出这个 PHP 文件中语句的问题吗?

php - Yii 防止客户端验证表单提交

php - MySQL总结一列并按两列分组

php - SELECT ... LIMIT 0,1 语法错误

javascript - 动态创建html文档

php - 将 mysql 数据绘制成图表

php - 如何定位数组中传递的列名来构造数据库查询

javascript - sequelize where 日期子句