0

Web サイトにログインしようとすると、次のエラー メッセージが表示されます: データベース エラー: SQLSTATE[HY093]: 無効なパラメーター番号: パラメーターが定義されていません。これが私のコードです:

<?php
//declaring variables and assigning values from log in form

//validate text was entered in UserName text box
if(empty($_POST['txtUserName']))
    {
        showForm(null);
        exit();
    }
else
    {
        $User_Name = $_POST['txtUserName'];
    }

//validate text was entered in password text box
if(empty($_POST['txtPassword']))
    {
        showForm(null);
        exit();
    }
else
    {
        $Password = $_POST['txtPassword'];
    }

if ($PasswordForm != Password($User_Name))
{
    showForm('Customer ID and Password did not match. Please try again!');
    exit();
}


function Password($User_Name)
{   
//$UserName = $_GET['txtUserName'];
//$Password = $_GET['txtPassword'];

//declare and assign values to variables
$dsn = 'mysql:host=XXX;dbname=XXX';
$username='XXX';
$password='XXX';
//variable for errors
$options = array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION);
//try to run code
try {
//object to open database
$db = new PDO($dsn,$username,$password, $options);
//check username against password
    $SQL = $db->prepare("Select Password from user where USER_NAME = :USER_NAME");
    $SQL->bindValue(':User_Name', $User_Name);
    $SQL->execute();
    $username = $SQL->fetch();

    if($username === false)
        {
            $Password = null;
        }
    else
        {
            $Password = $username['Password'];
        }

    return $Password;
    $SQL->closeCursor();
    $db = null;

    } catch(PDOException $e){
        $error_message = $e->getMessage();
        echo("<p>Database Error: $error_message</p>");
        exit();
    }

}
function showForm($formMessage = "Please Enter Valid User ID and Password")
{ ?>
4

2 に答える 2

0 
<?php
//declaring variables and assigning values from log in form

//validate text was entered in UserName text box
if(empty($_POST['txtUserName']))
    {
        showForm(null);
        exit();
    }
else
    {
        $User_Name = $_POST['txtUserName'];
    }

//validate text was entered in password text box
if(empty($_POST['txtPassword']))
    {
        showForm(null);
        exit();
    }
else
    {
        $Password = $_POST['txtPassword'];
    }

if ($Password != Password($User_Name))
{
    include "teamc/index.php";
} 
else
{
    showForm('Customer ID and Password did not match. Please try again!');
    exit();
}


function Password($User_Name)
{   
//$UserName = $_GET['txtUserName'];
//$Password = $_GET['txtPassword'];

//declare and assign values to variables
$dsn = 'mysql:host=XXX;dbname=XXX';
$username='XXX';
$password='XXX';
//variable for errors
$options = array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION);
//try to run code
try {
//object to open database
$db = new PDO($dsn,$username,$password, $options);
//check username against password
    $SQL = $db->prepare("Select USER_PASSWORD FROM user WHERE USER_NAME = :USER_NAME");
    $SQL->bindValue(':USER_NAME', $User_Name);
    $SQL->execute();
    $username = $SQL->fetch();

    if($username === false)
        {
            $Password = null;
        }
    else
        {
            $Password = $username['USER_PASSWORD'];
        }

    return $Password;
    $SQL->closeCursor();
    $db = null;

    } catch(PDOException $e){
        $error_message = $e->getMessage();
        echo("<p>Database Error: $error_message</p>");
        exit();
    }

}
function showForm($formMessage = "Please Enter Valid User ID and Password")
{ ?>
于 2013-03-04T23:14:00.087 に答える
0

PHP は大文字と小文字を区別します。つまり、:User_Name は :USER_NAME と同じではありません。

したがって、変更

:USER_NAME to :User_Name
于 2013-03-04T19:55:40.860 に答える