我正在尝试对我的用户进行排名,从 1 到 7。如果登录用户的排名为 7,请说“您是员工”。如果没有,那就做点别的事。但如果我给用户 1 排名 7,什么也不会发生。然后,如果我给用户 2 排名 7,两个人都会收到消息说您是员工。
我已经为此苦苦挣扎了三天,但没有找出问题所在。我希望网站做的是查明登录用户是否排名为 7(如果有其他用户排名为 7,则只有登录用户排名为 7),如果我的数据库中的其他人排名为 7,而不是您,那么您就是排名 7 的用户。您不应该收到“您是员工”的消息。我有一个名为 GamesNet 的数据库,一个名为 members 的表,我的用户 ID 名为 memberID我还有其他几个名为 username 的专栏, password , email和Rank .
这是一个不错的设置,对吧? 这是我的代码:
$stmt = $db->prepare('SELECT Rank, memberID from members where memberID');
$stmt->bindParam(7,$memberID, PDO::PARAM_INT);
$stmt->execute();
$result = $stmt->fetch(PDO::FETCH_ASSOC);
if($result['Rank'] == 7){
echo "You are a staff member.";
}else{
echo "Hello you are not a staff.";
}
?>
编辑:
user.php:
<?php
include('password.php');
class User extends Password{
private $_db;
function __construct($db){
parent::__construct();
$this->_db = $db;
}
private function get_user_hash($username){
try {
$stmt = $this->_db->prepare('SELECT password, username, memberID FROM members WHERE username = :username AND active="Yes" ');
$stmt->execute(array('username' => $username));
return $stmt->fetch();
} catch(PDOException $e) {
echo '<p class="bg-danger">'.$e->getMessage().'</p>';
}
}
public function login($username,$password){
$row = $this->get_user_hash($username);
if($this->password_verify($password,$row['password']) == 1){
$_SESSION['loggedin'] = true;
$_SESSION['username'] = $row['username'];
$_SESSION['memberID'] = $row['memberID'];
return true;
}
}
public function logout(){
session_destroy();
}
public function is_logged_in(){
if(isset($_SESSION['loggedin']) && $_SESSION['loggedin'] == true){
return true;
}
}
}
?>
Memberpage.php
<?php require('includes/config.php');
$memberID = user;
$stmt = $db->prepare('select rank, memberid from members');
$stmt->execute();
while ($result = $stmt->fetch(PDO::FETCH_ASSOC)) {
if ($result['rank'] == 7) {
echo "You are a staff member.";
} else {
echo "Hello you are not a staff.";
//When i run this code, it tells me im not staff, even tho i am rank 7.
}
}
//if not logged in redirect to login page
if(!$user->is_logged_in()){ header('Location: login.php'); }
//define page title
$title = 'Members Page';
//include header template
require('layout/header.php');
?>
<div class="container">
<div class="row">
<div class="col-xs-12 col-sm-8 col-md-6 col-sm-offset-2 col-md-offset-3">
<h2>Member only page - Welcome <?php echo $_SESSION['username']; ?></h2>
<p><a href='logout.php'>Logout</a></p>
<hr>
</div>
</div>
</div>
<?php
/*
$stmt = $db->prepare('select Rank, memberID from members');
$stmt->execute();
while ($result = $stmt->fetch(PDO::FETCH_ASSOC)) {
if ($result['Rank'] == 7) {
echo "You are a staff member.";
echo $result['Rank'];
} else {
echo "Hello you are not a staff.";
}
}
*/
//When i run this code, it works. But it gives me the messages for all registrered users.
?>
登录.php
<?php
//include config
require_once('includes/config.php');
//check if already logged in move to home page
if( $user->is_logged_in() ){ header('Location: index.php'); }
//process login form if submitted
if(isset($_POST['submit'])){
$username = $_POST['username'];
$password = $_POST['password'];
if($user->login($username,$password)){
$_SESSION['username'] = $username;
header('Location: memberpage.php');
exit;
} else {
$error[] = 'Wrong username or password or your account has not been activated.';
}
}//end if submit
//define page title
$title = 'Login';
//include header template
require('layout/header.php');
?>
<div class="container">
<div class="row">
<div class="col-xs-12 col-sm-8 col-md-6 col-sm-offset-2 col-md-offset-3">
<form role="form" method="post" action="" autocomplete="off">
<h2>Please Login</h2>
<p><a href='./'>Back to home page</a></p>
<hr>
<?php
//check for any errors
if(isset($error)){
foreach($error as $error){
echo '<p class="bg-danger">'.$error.'</p>';
}
}
if(isset($_GET['action'])){
//check the action
switch ($_GET['action']) {
case 'active':
echo "<h2 class='bg-success'>Your account is now active you may now log in.</h2>";
break;
case 'reset':
echo "<h2 class='bg-success'>Please check your inbox for a reset link.</h2>";
break;
case 'resetAccount':
echo "<h2 class='bg-success'>Password changed, you may now login.</h2>";
break;
}
}
?>
<div class="form-group">
<input type="text" name="username" id="username" class="form-control input-lg" placeholder="User Name" value="<?php if(isset($error)){ echo $_POST['username']; } ?>" tabindex="1">
</div>
<div class="form-group">
<input type="password" name="password" id="password" class="form-control input-lg" placeholder="Password" tabindex="3">
</div>
<div class="row">
<div class="col-xs-9 col-sm-9 col-md-9">
<a href='reset.php'>Forgot your Password?</a>
</div>
</div>
<hr>
<div class="row">
<div class="col-xs-6 col-md-6"><input type="submit" name="submit" value="Login" class="btn btn-primary btn-block btn-lg" tabindex="5"></div>
</div>
</form>
</div>
</div>
</div>
<?php
//include header template
require('layout/footer.php');
?>
最佳答案
select 语句中的 where 子句缺少 parameter marker ,例如
SELECT Rank, memberID from members where memberID = ?
然后bindParam必须使用 1 而不是 7,因为它是第一个也是唯一的参数标记
$stmt->bindParam(1,$memberID, PDO::PARAM_INT);
您还可以跳过 bindParam 并将 memberId 作为数组传递给 execute
$stmt->execute(array($memberId));
仅处理一个用户
$memberID = 1234;
$stmt = $db->prepare('select rank, memberid from members where memberid = ?');
$stmt->execute(array($memberID));
$result = $stmt->fetch(PDO::FETCH_ASSOC);
if ($result['rank'] == 7) {
echo "You are a staff member.";
} else {
echo "Hello you are not a staff.";
}
获取所有用户
$stmt = $db->prepare('select rank, memberid from members');
$stmt->execute();
while ($result = $stmt->fetch(PDO::FETCH_ASSOC)) {
if ($result['rank'] == 7) {
echo "You are a staff member.";
} else {
echo "Hello you are not a staff.";
}
}
您在 login 函数中已拥有 $_SESSION['memberID']。所以你可以使用它
$stmt = $db->prepare('select rank, memberid from members where memberid = ?');
$stmt->execute(array($_SESSION['memberID']));
并拥有所需的数据。
<小时/>更好的是,您可以使用
扩展函数get_user_hash
// user.php, function get_user_hash()
$stmt = $this->_db->prepare('SELECT password, username, memberID, Rank FROM members WHERE username = :username AND active="Yes" ');
这将一次性提供排名,并避免额外的数据库往返。然后,您可以在函数 login 中保存排名
// user.php, function login()
// ...
$_SESSION['loggedin'] = true;
$_SESSION['username'] = $row['username'];
$_SESSION['memberID'] = $row['memberID'];
$_SESSION['Rank'] = $row['Rank'];
现在您可以检查
// Memberpage.php
if ($_SESSION['Rank'] == 7) {
echo "You are a staff member.";
} else {
echo "Hello you are not a staff.";
}
无需执行另一个 SQL 查询。
关于php - 如果 int 具有特定值,则执行某些操作,如果没有,则执行其他操作,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/41815875/