我知道我的问题对任何人来说都很容易。刚学PHP快一个月了。我尝试使用 OOP 风格执行我的登录系统。我需要以默认用户身份登录,用户名和密码都是 admin。当我尝试登录时,它说找不到对象。
下面是我的代码。
表:
CREATE TABLE loginmodule
(
loginId INT PRIMARY KEY AUTO_INCREMENT,
loginUsername VARCHAR(50),
loginPassword VARCHAR(50)
)
这是我的登录脚本。
loginMe.php
<?php
require_once('../connection/connection.php');
require_once('../connection/loginCRUD.php');
require_once('../process/createProcess.php');
?>
<!doctype html>
<html>
<head>
<title>Login Frame</title>
</head>
<body>
<div id = "container">
<h1>Login</h1>
<form action = "post" action = "../process/createProcess.php">
<div class = "form-field">
<input type = "text" id = "username" name = "loginUsername" placeholder = "Enter Username">
</div>
<div class = "form-field">
<input type = "password" id = "password" name = "loginPassword" placeholder = "Enter Password">
</div>
<div class = "form-field">
<input type = "submit" id = "submit" name = "submit" value = "Login">
</div>
</form>
</div><!--- end container --->
</body>
</html>
所以我将 CRUD 放在另一个文件中。 loginCRUD.php
<?php
error_reporting(0);
class CRUD
{
public function readLogin($dbusername,$dbpassword)
{
global $myDatabase;
$result = $myDatabase->query("SELECT * FROM loginmodule WHERE loginUsername = '$dbusername' AND loginPassword = '$dbpassword'");
if($result->num_rows > 0)
{
$row = $result->fetch_assoc();
return $row;
}
}
}
?>
最后,我还搁置了进行验证的流程。 createProcess.php
<?php
require_once('../connection/connection.php');
require_once('../connection/loginCRUD.php');
session_start();
$dbusername = $_POST['loginUsername']; //Get the value from textfield.
$dbpassword = $_POST['loginPassword'];
if(!empty($dbusername) && !empty($dbpassword))
{
if($loginUsername == $dbusername && $loginPassword == $dbpassword)
{
$create = loginCRUD::readLogin($dbusername,$dbusername);
echo "You are logged in!";
@$_SESSION['loginUsername'] = $loginUsername;
}
}
?>
如果我错过了什么,请指导我。如果有比这更快捷的样式,请告诉我:)
最佳答案
您的代码中有几个错误,例如:
您的
form标记中有两个操作属性。<form action = "post" action = "../process/createProcess.php"> ^ ^应该是
<form method="post" action="../process/createProcess.php">在 createProcess.php 页面上,查看以下几行,
1) if($loginUsername == $dbusername && $loginPassword == $dbpassword) ^ ^没有名为
$loginUsername和$loginPassword的变量2) $create = loginCRUD::readLogin($dbusername,$dbusername); ^ ^ both the arguments are same您以错误的方式调用
readLogin()方法。您应该首先创建类CRUD的实例,然后调用它的实例方法readLogin(),如下所示:(new CRUD)->readLogin($dbusername,$dbpassword); 3) $_SESSION['loginUsername'] = $loginUsername;正如我所说,没有名为
$loginUsername的变量。应该是,$_SESSION['loginUsername'] = $dbusername;始终在 PHP 脚本的最顶部、PHP 开始标记之后启动 session ,如下所示:
<?php session_start(); // your code您的查询容易受到 SQL 注入(inject)的影响。使用准备好的语句 mysqli防止任何类型的 SQL 注入(inject)。 And this is how you can prevent SQL injection in PHP 。
切勿将密码存储为纯可读文本,始终执行 salted password hashing在将原始密码插入到表中之前。
建议:不要在代码中使用
global。 Why Globals are evil?
所以你的代码应该是这样的:
CRUD 类:
class CRUD{
public function readLogin($dbusername,$dbpassword){
global $myDatabase;
$statement = $myDatabase->prepare("SELECT * FROM loginmodule WHERE loginUsername = ? AND loginPassword = ? LIMIT 1");
$statement->bind_param("ss", $dbusername, $dbpassword);
if($statement->execute()){
$result = $statement->get_result();
if($result->num_rows){
$row = $result->fetch_assoc();
return $row;
}else{
return false;
}
}else{
return false;
}
}
}
createProcess.php
if(isset($_POST['submit'])){
$dbusername = $_POST['loginUsername'];
$dbpassword = $_POST['loginPassword'];
if(!empty($dbusername) && !empty($dbpassword)){
if((new CRUD)->readLogin($dbusername,$dbpassword)){
echo "You are logged in!";
$_SESSION['loginUsername'] = $dbusername;
// redirect the user to the home page
}else{
echo "Incorrect username and/or password";
}
}
}
HTML
<div id = "container">
<h1>Login</h1>
<form method = "post" action = "../process/createProcess.php">
<div class = "form-field">
<input type = "text" id = "username" name = "loginUsername" placeholder = "Enter Username">
</div>
<div class = "form-field">
<input type = "password" id = "password" name = "loginPassword" placeholder = "Enter Password">
</div>
<div class = "form-field">
<input type = "submit" id = "submit" name = "submit" value = "Login">
</div>
</form>
</div>
关于php - 在登录系统中执行 OOP 风格,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/37122127/