获取登录的用户数据
所以我有这个数据库和这个代码。此代码将使用户能够登录具有会话的页面 登录表格(login.php)
<?php
require("common.php");
$submitted_username = '';
if(!empty($_POST))
{
$query = "
SELECT
id,
username,
password,
salt,
email
FROM users
WHERE
username = :username
";
$query_params = array(
':username' => $_POST['username']
);
try
{
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex)
{
die("Failed to run query: " . $ex->getMessage());
}
$login_ok = false;
$row = $stmt->fetch();
if($row)
{
$check_password = hash('sha256', $_POST['password'] . $row['salt']);
for($round = 0; $round < 65536; $round++)
{
$check_password = hash('sha256', $check_password . $row['salt']);
}
if($check_password === $row['password'])
{
$login_ok = true;
}
}
if($login_ok)
{
unset($row['salt']);
unset($row['password']);
$_SESSION['user'] = $row;
header("Location: private.php");
die("Redirecting to: private.php");
}
else
{
print("Login Failed.");
$submitted_username = htmlentities($_POST['username'], ENT_QUOTES, 'UTF-8');
}
}
?>
<h1>Login</h1>
<form action="login.php" method="post">
Username:<br />
<input type="text" name="username" value="<?php echo $submitted_username; ?>" />
<br /><br />
Password:<br />
<input type="password" name="password" value="" />
<br /><br />
<input type="submit" value="Login" />
</form>
<a href="register.php">Register</a>
会话(common.php)
<?php
// These variables define the connection information for your MySQL database
$username = "root";
$password = "";
$host = "localhost";
$dbname = "phplogin";
$options = array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8');
try
{
$db = new PDO("mysql:host={$host};dbname={$dbname};charset=utf8", $username, $password, $options);
}
catch(PDOException $ex)
{
die("Failed to connect to the database: " . $ex->getMessage());
}
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);
if(function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())
{
function undo_magic_quotes_gpc(&$array)
{
foreach($array as &$value)
{
if(is_array($value))
{
undo_magic_quotes_gpc($value);
}
else
{
$value = stripslashes($value);
}
}
}
undo_magic_quotes_gpc($_POST);
undo_magic_quotes_gpc($_GET);
undo_magic_quotes_gpc($_COOKIE);
}
header('Content-Type: text/html; charset=utf-8');
session_start();
?>
显示页面(private.php)
<?php
require("common.php");
if(empty($_SESSION['user']))
{
header("Location: login.php");
die("Redirecting to login.php");
}
?>
<?php
$query = "
SELECT
id,
username,
email,
task,
task_name
FROM users
";
try
{
$stmt = $db->prepare($query);
$stmt->execute();
}
catch(PDOException $ex)
{
die("Failed to run query: " . $ex->getMessage());
}
$rows = $stmt->fetchAll();
?>
<h1>Memberlist</h1>
<table border='1'>
<tr>
<th>User</th>
<th>E-Mail Address</th>
<th>Task Name</th>
<th>Task Description</th>
</tr>
<?php foreach($rows as $row): ?>
<tr>
<td><?php echo htmlentities($row['username'], ENT_QUOTES, 'UTF-8'); ?></td>
<td><?php echo htmlentities($row['email'], ENT_QUOTES, 'UTF-8'); ?></td>
<td><?php echo htmlentities($row['task_name'], ENT_QUOTES, 'UTF-8'); ?></td>
<td><?php echo htmlentities($row['task'], ENT_QUOTES, 'UTF-8'); ?></td>
</tr>
<?php endforeach; ?>
</table><br />
我想要做的是显示当前登录用户的数据。例如,当user1登录他的个人资料中的每个细节时,将显示用户名,电子邮件,任务和任务名称,但在我的代码中,它将显示每个人的详细信息。
2 个答案:
答案 0 :(得分:1)
您的select查询错误
$query = "
SELECT
id,
username,
email,
task,
task_name
FROM users WHERE username = '".$_SESSION['user']['username']."'
";
不需要foreach
<tr>
<td><?php echo htmlentities($rows['username'], ENT_QUOTES, 'UTF-8'); ?></td>
<td><?php echo htmlentities($rows['email'], ENT_QUOTES, 'UTF-8'); ?></td>
<td><?php echo htmlentities($rows['task_name'], ENT_QUOTES, 'UTF-8'); ?></td>
<td><?php echo htmlentities($rows['task'], ENT_QUOTES, 'UTF-8'); ?></td>
</tr>
答案 1 :(得分:1)
在您的private.php页面中更改如下所示的查询:
$query = "
SELECT
id,
username,
email,
task,
task_name
FROM users
WHERE id = '".$_SESSION['user']['id']."'
";
此处$_SESSION['user']['id']包含登录用户的ID,因此仅在mysql中使用WHERE获取该用户的详细信息。
相关问题
最新问题
- 我写了这段代码,但我无法理解我的错误
- 我无法从一个代码实例的列表中删除 None 值,但我可以在另一个实例中。为什么它适用于一个细分市场而不适用于另一个细分市场?
- 是否有可能使 loadstring 不可能等于打印?卢阿
- java中的random.expovariate()
- Appscript 通过会议在 Google 日历中发送电子邮件和创建活动
- 为什么我的 Onclick 箭头功能在 React 中不起作用?
- 在此代码中是否有使用“this”的替代方法?
- 在 SQL Server 和 PostgreSQL 上查询,我如何从第一个表获得第二个表的可视化
- 每千个数字得到
- 更新了城市边界 KML 文件的来源?