常量只包含数据库连接的详细信息
require_once 'includes/constants.php';
class mysql{
private $conn;
function __construct(){
$this->conn = $conn = new MySQLi(DB_SERVER, DB_USER, DB_PASSWORD, DB_NAME)
or die ('There was an error in the connection');
}
function verify ($un, $pwd){
$query = "SELECT * FROM User WHERE username = ? AND pass = ? LIMIT 1";
if ($stmt = $this->conn->prepare($query))
{
$stmt->bind_param('ss', $un, $pwd);
$stmt->execute();
if ($stmt->fetch());{
$stmt->close();
return true;
}
}
}
}
?>
un和pwd是从登录页面中传递的,它们是从用户输入中提取的,我遇到的问题是,无论用户输入什么,用户总是登录的,它似乎无法根据数据库正确验证
更改此
if ($stmt->fetch());{
$stmt->close();
return true;
}
至
if ($stmt->fetch()){
$stmt->close();
return true;
}else
{ return false;}
if ($stmt->fetch());{
^------- THIS!
$stmt->close();
return true;
}
这个if后面跟一个空语句,后面是一个新的语句块{...}。if仅与空语句相关联,因此始终执行以下块。
举例说明:
if (false)
/* do nothing */;
{
echo 'always goes here';
}
去掉多余的;。