我正在检查两个表中是否存在用户名和密码组合?
我正在使用绑定参数在PDO中执行此操作。页面执行后显示错误:currently unable to handle this request.
这是我的代码:
$stmtus = $conn->prepare("Select
case
when exists (
Select 1 from School_Profile
where aes_decrypt(SchoolEmail, 'SALT') = :Username and password = :Password
) then 'Admin'
when exists (
Select 1 from NonAdminUsers
where aes_decrypt(Nuser, 'SALT') = :Username and Npassword = :Password
) then 'Non Admin'
else 'Unknown'
end result");
$stmtus->bindParam(':Username', $username);
$stmtus->bindParam(':Password', $password);
$username = htmlspecialchars($_POST['username'], ENT_QUOTES, 'UTF-8');
$password = htmlspecialchars($_POST['password'], ENT_QUOTES, 'UTF-8');
$stmtus -> execute();
我的错误日志显示:
PHP Fatal error: Uncaught Error: Call to a member function prepare() on null in
答案 0 :(得分:1)
据我所知,您不能多次重复使用命名参数,这很可能是错误的根源。因此,为了快速解决,不要重复使用相同的参数两次或多次:
$stmtus = $conn->prepare("SELECT
CASE WHEN EXISTS (
SELECT 1 FROM School_Profile
WHERE AES_DECRYPT(SchoolEmail, 'SALT') = :user1 AND password = :pass1)
THEN 'Admin'
WHEN EXISTS (
SELECT 1 FROM NonAdminUsers
WHERE AES_DECRYPT(Nuser, 'SALT') = :user2 AND Npassword = :pass2)
THEN 'Non Admin'
ELSE 'Unknown'
END result");
$stmtus->bindParam(':user1', $username);
$stmtus->bindParam(':pass1', $password);
$stmtus->bindParam(':user2', $username);
$stmtus->bindParam(':pass2', $password);
$username = htmlspecialchars($_POST['username'], ENT_QUOTES, 'UTF-8');
$password = htmlspecialchars($_POST['password'], ENT_QUOTES, 'UTF-8');
$stmtus->execute();