我有一个 <bindings>
<customBinding>
<binding name="BinaryCompressionBinding">
<binaryMessageEncoding compressionFormat ="GZip"/>
<httpTransport />
</binding>
</customBinding>
<webHttpBinding>
<binding closeTimeout="00:10:00" transferMode="StreamedResponse" openTimeout="00:10:00" receiveTimeout="00:10:00" sendTimeout="00:10:00" maxBufferSize="2147483647" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647">
<readerQuotas maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647"/>
</binding>
</webHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="myServiceBehavior" name="SMS.Example.Service">
<endpoint address="" behaviorConfiguration="customBinding" binding="customBinding" name="customBinding" contract="SMS.Example.IService"/>
<endpoint address="mex" binding="mexHttpBinding" name="mexHttpBinding" contract="IMetadataExchange"/>
</service>
</services>
页面,可以检索并匹配注册用户的Login.php和email address,如下所示:
password
一切顺利。但是,如果我将<?php # login.php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
// Initialize an error array.
$errors = array();
//Flag variables
$e = $p = FALSE;
// Trim all the incoming data:
$trimmed = array_map('trim', $_POST);
//Validate the email
if (!empty($trimmed['email'])) {
$e = $trimmed['email'];
} else {
$errors[] = 'You forgot to enter your email address!';
}
// Validate the password:
if (!empty($trimmed['pass'])) {
$p = $trimmed['pass'];
} else {
$errors[]= 'You forgot to enter your password!';
}
if ($e && $p) { //OK
$q = "SELECT * FROM users WHERE email = ?";
//Prepare the statement
$stmt = $mysqli->prepare($q);
//Bind the parameters
$stmt->bind_param('s', $email) ;
//Assign values to variables
$email = $e;
//Execute the statement
$stmt->execute();
//Store the statement
$stmt->store_result();
$row_cnt = $stmt->num_rows;
echo $row_cnt;
}else{// If everything wasn't OK.
foreach ($errors as $msg) { // Print each error.
echo "- $msg<br />\n";
}
echo 'Please try again!';
}//end of IF($e && $p)
}
?>
<form action="login.php" method="post" id="loginForm">
<fieldset>
<p><b>Email</b><input type="email" name="email" ></p>
<p><b>Password</b><input type="password" name="pass"> </p>
</fieldset>
<p><input type="submit" value="Login" id="submit"></p>
检查添加到pass中的 WHERE ,就像这样:
select query $q = "SELECT * FROM users WHERE email = ? AND pass =?";
//Prepare the statement
$stmt = $mysqli->prepare($q);
//Bind the parameters
$stmt->bind_param('ss', $email, $pass) ;
//Assign values to variables
$email = $e;
$pass = SHA1('$p');
总是返回0,即使我提交的密码与数据库中$row_cnt表中的密码匹配或不匹配。
我做错了什么,拜托?我是否为users变量分配了正确的值,还是其他什么?
注意:我在注册过程中应用了$pass。
答案 0 :(得分:1)
您的错误似乎是使用单引号进行变量替换,如下所示:
$pass = SHA1('$p');
当您使用单引号时,PHP不会替换变量的内容,因此该行实际上意味着值为$p的字符串。你要么必须使用双引号
$pass = SHA1("$p");
或直接使用变量
$pass = SHA1($p);