公共職能不執行

我有一個用戶類，它將用戶保存到我的MySQL數據庫。這很好，但我試圖記錄新用戶和對現有用戶所做的更改。此日誌記錄功能未執行，我查詢的查詢不會返回任何錯誤。公共職能不執行

用戶等級：

class User 
{ 
    private $db; 

    function __construct($db_con) 
    { 
     $this->db = $db_con; 
    } 

    public function log_change_user($id, $action) 
    { 
     $usr_name = get_name($this->db, $id, 'full'); 
     $cur_user = $_SESSION['user_id']; 
     if($action == 'new') 
     { 
      $log_act = 0; 
     } 
     else if($action == 'edit') 
     { 
      $log_act = 1; 
     } 
     else if($action == 'delete') 
     { 
      $log_act = 2; 
     } 
     try { 
      $stmt = $this->db->prepare("INSERT INTO mainlog (user, action, type, subject_id, subj_name, cdate) VALUES (:user_id, :action, 0, :id, :subj_name, now())"); 
      $stmt->bindParam(":user_id", $cur_user); 
      $stmt->bindParam(":action", $log_act); 
      $stmt->bindParam(":id", $id); 
      $stmt->bindParam(":subj_name", $usr_name); 

      $stmt->execute(); 

      return $stmt; 
     } 
     catch(PDOException $e) 
     { 
      echo $e->getMessage(); 
     } 

    } 

    public function register($user_id, $fname, $lname, $prefix, $email, $pass, $role, $phone, $dob) 
    { 
     try 
     { 
      if($pass !== null) 
      { 
       $new_password = password_hash($pass, PASSWORD_DEFAULT); 

       $stmt = $this->db->prepare("INSERT INTO users(id, firstname, lastname, prefix, email, password, role, phone, dob, cdate) VALUES(:id, :fname, :lname, :prefix, :email, :pass, :role, :phone, :dob, now()) ON DUPLICATE KEY UPDATE firstname=:fname, lastname=:lname, prefix=:prefix, email=:email, password=:pass, role=:role, phone=:phone, dob=:dob, edate=now()"); 

       $stmt->bindparam(":pass", $new_password); 
      } 
      else 
      { 
       $stmt = $this->db->prepare("INSERT INTO users(id, firstname, lastname, prefix, email, role, phone, dob, cdate) VALUES(:id, :fname, :lname, :prefix, :email, :role, :phone, :dob, now()) ON DUPLICATE KEY UPDATE firstname=:fname, lastname=:lname, prefix=:prefix, email=:email, role=:role, phone=:phone, dob=:dob, edate=now()"); 

      } 

      $stmt->bindParam(":id", $user_id); 
      $stmt->bindparam(":fname", $fname); 
      $stmt->bindparam(":lname", $lname); 
      $stmt->bindparam(":prefix", $prefix); 
      $stmt->bindparam(":email", $email); 

      $stmt->bindparam(":role", $role); 
      $stmt->bindparam(":phone", $phone); 
      $stmt->bindparam(":dob", $dob); 

      $stmt->execute(); 

     } 
     catch(PDOException $e) 
     { 
      echo $e->getMessage(); 
     }  
    } 

    public function login($email, $pass) 
    { 
     try 
     { 
      $stmt = $this->db->prepare("SELECT id, password, role FROM users WHERE email=:email LIMIT 1"); 
      $stmt->execute(array(':email' => $email)); 
      $row = $stmt->fetch(PDO::FETCH_ASSOC); 
      if($stmt->rowCount() > 0) 
      { 
       if(password_verify($pass, $row['password'])) 
       { 
        $_SESSION['user_id'] = $row['id']; 
        $_SESSION['user_role'] = $row['role']; 
        return true; 
       } 
       else 
       { 
        return false; 
       } 
      } 
     } 
     catch(PDOException $e) 
     { 
      echo $e->getMessage(); 
     } 
    } 

    public function is_loggedin() 
    { 
     if(isset($_SESSION['user_id'])) 
     { 
      return true; 
     } 
     else 
     { 
      return false;  
     } 
    } 

    public function redirect($view) 
    { 
     $_GET['view'] = $view; 
    } 

    public function logout() 
    { 
     session_destroy(); 
     unset($_SESSION['user_id']); 
     unset($_SESSION['user_role']); 
     return true; 
    } 

}

我的Ajax調用中使用的users.php：

require_once('../../../../config/config.php'); 

if(isset($_POST['add_user'])) 
{ 
    if($_POST['add_user'] == true) 
    { 
     $fname = $_POST['fname']; 
     $lname = $_POST['lname']; 
     $prefix = $_POST['prefix']; 
     $email = $_POST['email']; 
     if(isset($_POST['pass'])) 
     { 
      $pass = $_POST['pass']; 
     } 
     else 
     { 
      $pass = ''; 
     } 
     $role = $_POST['role']; 
     $phone = $_POST['phone']; 
     $dob = date('Y-m-d', strtotime($_POST['dob'])); 

     $add_user = new User($db_con); 

     if($add_user->register(null, $fname, $lname, $prefix, $email, $pass, $role, $phone, $dob)) 
     { 
      return true; 
     } 
     else 
     { 
      return false; 
     } 

    } 
    else if($_POST['add_user'] == false) 
    { 
     $user_id = $_POST['uid']; 
     $fname = $_POST['fname']; 
     $lname = $_POST['lname']; 
     $prefix = $_POST['prefix']; 
     $email = $_POST['email']; 
     $role = $_POST['role']; 
     $phone = $_POST['phone']; 
     $dob = date('Y-m-d', strtotime($_POST['dob'])); 

     $edit_user = new User($db_con); 

     if($edit_user->register($user_id, $fname, $lname, $prefix, $email, $pass, $role, $phone, $dob)) 
     { 
      $edit_user->log_change_user($user_id, 'edit'); 
      return true; 

     } 
     else 
     { 
      return false; 
     } 
    } 
} 

if(isset($_POST['delete_user'])) 
{ 
    $id = $_POST['delete_user']; 
    $stmt = $db_con->prepare("DELETE FROM users WHERE id=:id"); 
    //add_log_entry($db_con, $_SESSION['user_id'], 2, 0, $id); 
    if($stmt->execute(array(':id' => $id))) 
    { 
     echo true; 
    } 
    else 
    { 
     echo false; 
    } 

} 

if(isset($_POST['get_user_data'])) 
{ 
    $id = $_POST['get_user_data']; 
    $stmt = $db_con->prepare("SELECT * FROM users WHERE id=:id"); 
    $stmt->execute(array(':id' => $id)); 
    $record = $stmt->fetch(PDO::FETCH_OBJ); 

    echo json_encode($record); 

} 

if(isset($_POST['user_full_name'])) 
{ 
    $id = $_POST['user_full_name']; 
    echo get_name($db_con, $id, 'full'); 
}

來源

2016-05-23 MartijnICU

你檢查'$ _ POST [...] == FALSE'但將「從不」這樣的情況，因爲POST數據總是字符串（從來不是，但這只是一個錯誤的假設）。 – apokryfos

我不知道，但由ajax調用發送的數據將'$ _POST ['add_user']'設置爲true或false。 – MartijnICU

它可能是'$ _POST ['add_user'] =='true''或'$ _POST ['add_user'] =='false''（注意引號）。我會做一個：'filter_input（INPUT_POST，'add_user'，FILTER_VALIDATE_BOOLEAN）'將字符串布爾值恢復爲正常的布爾值。 – apokryfos

有兩個問題在此代碼：

你假設你的register功能將成功返回true，但事實並非如此。

你需要解決這個問題。

public function register($user_id, $fname, $lname, $prefix, $email, $pass, $role, $phone, $dob) 
    { 
     try 
     { 
      if($pass !== null) 
      { 
       $new_password = password_hash($pass, PASSWORD_DEFAULT); 

       $stmt = $this->db->prepare("INSERT INTO users(id, firstname, lastname, prefix, email, password, role, phone, dob, cdate) VALUES(:id, :fname, :lname, :prefix, :email, :pass, :role, :phone, :dob, now()) ON DUPLICATE KEY UPDATE firstname=:fname, lastname=:lname, prefix=:prefix, email=:email, password=:pass, role=:role, phone=:phone, dob=:dob, edate=now()"); 

       $stmt->bindparam(":pass", $new_password); 
      } 
      else 
      { 
       $stmt = $this->db->prepare("INSERT INTO users(id, firstname, lastname, prefix, email, role, phone, dob, cdate) VALUES(:id, :fname, :lname, :prefix, :email, :role, :phone, :dob, now()) ON DUPLICATE KEY UPDATE firstname=:fname, lastname=:lname, prefix=:prefix, email=:email, role=:role, phone=:phone, dob=:dob, edate=now()"); 

      } 

      $stmt->bindParam(":id", $user_id); 
      $stmt->bindparam(":fname", $fname); 
      $stmt->bindparam(":lname", $lname); 
      $stmt->bindparam(":prefix", $prefix); 
      $stmt->bindparam(":email", $email); 

      $stmt->bindparam(":role", $role); 
      $stmt->bindparam(":phone", $phone); 
      $stmt->bindparam(":dob", $dob); 

      return $stmt->execute(); 

     } 
     catch(PDOException $e) 
     { 
      echo $e->getMessage(); 
      return false; //Probably better to rethrow the exception to let the global error handler handle it but this works too. 
     }  
    }

您使用$_POST值作爲布爾值，但他們總是會被進來的字符串。大多數IDE都會警告直接使用$ _POST並建議使用filter_input。

例子：

if(filter_input(INPUT_POST,'add_user',FILTER_VALIDATE_BOOLEAN) == true) { }

公共職能不執行

回答

相關問題