我在后台做了一个登录表单,但无论我输入登录名和密码,我都会一直得到重定向
else {
header('Location: ../auth/login.php?error=1');
我的代码是:
<?php
session_start();
require_once('../connexion.php');
$login = isset($_POST['login']) ? $_POST['login'] : null;
$pass = isset($_POST['mdp']) ? ($_POST['mdp']) : null;
var_dump($_POST);
$sql = 'SELECT * FROM users WHERE login = ''' . $login . ''' AND pass = ''' . $pass . '''';
var_dump($sql);
$req = $connexion->prepare($sql);
var_dump($req);
$result = $req->execute(array('login' => $login, 'mdp' => $pass));
var_dump($result);
if($result == true ){
$_SESSION['logged'] = true;
header('Location: ../admin_panel.php');
} else {
header('Location: ../auth/login.php?error=1');
}
?>
我的 vardump 在 $result 返回总是正确的
**
array (size=2)
'login' => string 'dsfc' (length=4)
'mdp' => string 'sdf' (length=3)
string 'SELECT * FROM users WHERE login = 'dsfc' AND pass = 'sdf'' (length=57)
object(PDOStatement)[2]
public 'queryString' => string 'SELECT * FROM users WHERE login = 'dsfc' AND pass = 'sdf'' (length=57)
boolean true**
我不明白为什么无论我放在表格中$result都是真的。
感谢您的帮助!
----------------编辑----------------
我改变了一点准备,但仍然不起作用,但现在我的 vardump $_POST 没有阅读我在表格中输入的内容
$sql = 'SELECT * FROM users WHERE login = :login AND pass = :mdp';
var_dump($sql);
$req = $connexion->prepare($sql);
var_dump($req);
$result = $req->execute(array(':login' => $login, ':mdp' => $pass));
尝试使用三重相等 (===)
if($result === true ){
//something here
}