我正在学习一门关于PHP的在线课程,我必须解决一个将过程脚本转换为OOP的练习。该脚本是关于使用PDO连接到MySQL,并创建一个类进行连接和登录。
我有这个类来创建一个到数据库的连接:
var $db_host, $db_name, $db_user, $db_pass, $connection;
function __construct($host = "localhost", $name="sigmas", $user="root", $pass="ithss")
{
$this->db_host = $host;
$this->db_name = $name;
$this->db_user = $user;
$this->db_pass = $pass;
}
public function connect()
{
$connection = new PDO("mysql:host={$db_host};dbname={$db_name}", $db_user, $db_pass);
$connection->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
return $connection;
}
function login($conn, $user, $pass, $msg='')
{
$this->conn = $connetion;
$this->username = $user;
$this->password = $pass;
if($username == "" || $password == "")
{
$this->msg = "Please add user name and password";
}
else
{
$sql = "SELECT * FROM login WHERE user_name = :user";
$stmt = $conn->prepare($sql);
$stmt->bindValue(':user', $username);
$stmt->execute();
$result = $stmt->fetchAll();
if($result)
{
if(session_status() == PHP_SESSION_NONE)
{
session_start();
foreach($result as $row)
{
if(password_verify($password, $row['pass']))
{
$_SESSION['userid'] = $row['user_id'];
$_SESSION['role'] = $row['user_role'];
header("Location: index.php");
}
}
}
}
else
{
header("Location: wrong.php");
}
}
}
我需要将其包含在我的登录页面中:
include('classes.php');
if(isset($_POST['login_btn']))
{
$username = $_POST['user_name'];
$password = $_POST['user_pass'];
$log = new myClass();
$log->connect();
$log->login($conn, $username, $password, $msg);
}
这是我的HTML表单:
<form class="form-signin" action="" method="POST">
<input type="text" class="form-control" name="user_name" placeholder="Username" required autofocus>
<input type="password" class="form-control" name="user_pass" placeholder="Password" required>
<button class="btn btn-lg btn-primary btn-block" name="login_btn" type="submit">
Sign in</button>
</form>
但我有这些错误:
注意:未定义的变量:classes.php 中的db_host
注意:classes.php 中未定义的变量:db_name
注意:未定义的变量:classes.php 中的connetion
注意:classes.php 中未定义的变量:username
在connect()方法中查看这一行
$connection = new PDO("mysql:host={$db_host};dbname={$db_name}", $db_user, $db_pass);
变量$db_host、$db_name、$db_user和db_pass在您的方法范围内不可用。
所以你的connect()方法应该是这样的:
public function connect()
{
$this->connection = new PDO("mysql:host={$this->db_host};dbname={$this->db_name}", $this->db_user, $this->db_pass);
$this->connection->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
return $this->connection;
}
更新:
首先,始终在PHP脚本的顶部开始会话,如下所示:
<?php
session_start();
// your code
然后,声明必要的实例变量,而不是使用password_verify()函数,创建一个private实例方法来验证密码,如下所示:
private function password_verify($user_pass, $orig_pass){
// Compare user's password with the original password
}
所以解决方案是:
保持你的HTML表单原样。提交后,像这样处理你的表单:
session_start();
include('classes.php');
if(isset($_POST['login_btn'])){
$username = $_POST['user_name'];
$password = $_POST['user_pass'];
$log = new myClass();
$log->connect();
if($log->login($username, $password)){
// Login successful
// redirect the user to a different page
header("Location: process.php");
exit();
}else{
// Incorrect username and/or password
// display error message
echo $log->msg;
}
}
这是修改后的myClass类,
class myClass{
private $db_host;
private $db_name;
private $db_user;
private $db_pass;
private $connection;
public $msg;
function __construct($host = "localhost", $name="sigmas", $user="root", $pass="ithss"){
$this->db_host = $host;
$this->db_name = $name;
$this->db_user = $user;
$this->db_pass = $pass;
}
public function connect(){
$this->connection = new PDO("mysql:host={$this->db_host};dbname={$this->db_name}", $this->db_user, $this->db_pass);
$this->connection->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
return $this->connection;
}
public function login($user, $pass){
if(empty($user) || empty($pass)){
$this->msg = "Please fill the credentials";
}else{
$sql = "SELECT * FROM login WHERE user_name = :user LIMIT 1";
$stmt = $this->connection->prepare($sql);
$stmt->bindValue(':user', $user);
$stmt->execute();
$result = $stmt->fetchAll();
if($result){
$row = array_shift($result);
if($this->password_verify($pass, $row['pass'])){
$_SESSION['userid'] = $row['user_id'];
$_SESSION['role'] = $row['user_role'];
return true;
}else{
$this->msg = "Incorrect username and/or password";
return false;
}
}else{
$this->msg = "Incorrect username and/or password";
return false;
//header("Location: wrong.php");
}
}
}
private function password_verify($user_pass, $orig_pass){
// Compare user's password with the original password
}
}
$connection = new PDO("mysql:host={$db_host};dbname={$db_name}", $db_user, $db_pass);
使用类似于的$this->db_user和$this->db_pass
$connection = new PDO("mysql:host={$db_host};dbname={$db_name}", $this->db_user, $this->db_pass);