我正在尝试用PHP编写一个参数化登录函数。函数应该获得$id和$pass bind-and-execute语句,并从数据库中返回一个带有$id、$password和$user_first_name的关联数组。检查用户id和密码验证,如果为true,则会话应启动并使用数据库中的用户名设置会话。出于某种原因,我不能让它工作。有什么建议吗?谢谢
public function logIn($id, $password)
{
$stmt = $this->link->prepare("SELECT user_id, user_name, user_password FROM Users WHERE user_id = ? ");
$stms->bind_param('i', $user_id);
if ($stmt->execute())
{
$result = $stmt->get_result();
while($row = $result->fetch_array(MYSQLI_ASSOC))
{
$dbuser_id = $row['user_id'];
$dbpassword = $row['user_password'];
$dbuser_first_name = $row['user_first_name'];
}
if($id == $dbuser_id and $password == $dbpassword)
{
session_start();
$_SESSION['session_user_first_name'] = $dbuser_first_name;
}
else
{
session_unset();
echo "Credentials do not match";
}
}
}
您有
$stms->bind_param('i', $user_id);
但你的函数签名是:
public function logIn($id, $password)
所以你可能想要:
$stms->bind_param('i', $id);
查看$stms->bind_param('i', $user_id);:
stms应为stmt$user_id应为$id