Catchable fatal error: Object of class PDO could not be converted to string on line 35
Catchable fatal error: Object of class PDO could not be converted to string on line 35
我正在尝试以用户身份登录,但不知道收到此错误,但是当我第二次尝试时,我将可以访问,但登录后仍然如此,并且在第二次尝试登录后,我无法获取电子邮件从 DB 看来它没有创建 session.Its 只是传递代码而不创建会话。
if (!isset($_SESSION['email']) && isset($_POST['email'])) {
if (!empty($_POST['email']) && !empty($_POST['password'])) {
$email = filter_var($_POST['email'], FILTER_SANITIZE_STRING);
$password = filter_var($_POST['password'], FILTER_SANITIZE_STRING);
$password=sha1($password);
try {
$dbh = new PDO("mysql:host=$hostname; dbname=$database", $username, $pass);
$dbh -> setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$email = $_POST['email'];
$password = $_POST['password'];
$stmt = $dbh -> prepare("SELECT email, password FROM tbl_user WHERE email = '".$email."' and password = '".$password."'");
$stmt -> bindParam('".$email."', $email, PDO::PARAM_STR);
$stmt -> bindParam('".$password."', $password, PDO::PARAM_STR);
$stmt -> EXECUTE();
$em = $stmt -> fetchColumn();
if ($em == true) {
// session_register("email");
// session_register("password");
$_SESSION['email'] = $_POST['email'];
$_SESSION['START'] = time();
setcookie("username", $_POST['email'], mktime()+(60*3), "/");
setcookie("LUS", time(), mktime()+(60*3), "/");
$stmt -> $dbh -> prepare("SELECT Name FROM tbl_user WHERE email = '".$email."'");
$stmt -> EXECUTE();
$em2 = $stmt -> fetchColumn();
echo "Logged in.";
} else {
echo "email or password is incorrect.";
}
} catch (Exception $e) {
echo "".$e->getMessage();
}
} elseif (empty($_POST['email']) && !empty($_POST['password'])) {
# code...
echo "Error : Enter your E-mail.";
} elseif (!empty($_POST['email']) && empty($_POST['password'])) {
# code...
echo "Error: Enter your Password";
} else {
echo "Error: Enter your E-mail & Password";
}
}
elseif (isset($_SESSION['email'])) {
# code...
echo "Welcome again you still logged in <strong>" .round((time() . $_SESSION['START'])/60) ."</strong> minutes(s) ago <a href='logout.php'>LogOut</a>";
}
elseif (!isset($_SESSION['email'])) {
# code...
echo "You must loggin first.";
//header('location:../index.php');
}
更改第二个准备语句的用法
$stmt -> $dbh -> prepare("SELECT Name FROM tbl_user WHERE email = '".$email."'");
至
$stmt = $dbh -> prepare("SELECT Name FROM tbl_user WHERE email = '".$email."'");
我正在尝试以用户身份登录,但不知道收到此错误,但是当我第二次尝试时,我将可以访问,但登录后仍然如此,并且在第二次尝试登录后,我无法获取电子邮件从 DB 看来它没有创建 session.Its 只是传递代码而不创建会话。
if (!isset($_SESSION['email']) && isset($_POST['email'])) {
if (!empty($_POST['email']) && !empty($_POST['password'])) {
$email = filter_var($_POST['email'], FILTER_SANITIZE_STRING);
$password = filter_var($_POST['password'], FILTER_SANITIZE_STRING);
$password=sha1($password);
try {
$dbh = new PDO("mysql:host=$hostname; dbname=$database", $username, $pass);
$dbh -> setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$email = $_POST['email'];
$password = $_POST['password'];
$stmt = $dbh -> prepare("SELECT email, password FROM tbl_user WHERE email = '".$email."' and password = '".$password."'");
$stmt -> bindParam('".$email."', $email, PDO::PARAM_STR);
$stmt -> bindParam('".$password."', $password, PDO::PARAM_STR);
$stmt -> EXECUTE();
$em = $stmt -> fetchColumn();
if ($em == true) {
// session_register("email");
// session_register("password");
$_SESSION['email'] = $_POST['email'];
$_SESSION['START'] = time();
setcookie("username", $_POST['email'], mktime()+(60*3), "/");
setcookie("LUS", time(), mktime()+(60*3), "/");
$stmt -> $dbh -> prepare("SELECT Name FROM tbl_user WHERE email = '".$email."'");
$stmt -> EXECUTE();
$em2 = $stmt -> fetchColumn();
echo "Logged in.";
} else {
echo "email or password is incorrect.";
}
} catch (Exception $e) {
echo "".$e->getMessage();
}
} elseif (empty($_POST['email']) && !empty($_POST['password'])) {
# code...
echo "Error : Enter your E-mail.";
} elseif (!empty($_POST['email']) && empty($_POST['password'])) {
# code...
echo "Error: Enter your Password";
} else {
echo "Error: Enter your E-mail & Password";
}
}
elseif (isset($_SESSION['email'])) {
# code...
echo "Welcome again you still logged in <strong>" .round((time() . $_SESSION['START'])/60) ."</strong> minutes(s) ago <a href='logout.php'>LogOut</a>";
}
elseif (!isset($_SESSION['email'])) {
# code...
echo "You must loggin first.";
//header('location:../index.php');
}
更改第二个准备语句的用法
$stmt -> $dbh -> prepare("SELECT Name FROM tbl_user WHERE email = '".$email."'");
至
$stmt = $dbh -> prepare("SELECT Name FROM tbl_user WHERE email = '".$email."'");