du9537
du9537
2018-01-07 16:18

OOP php和ajax登录包装器响应

I'm working on a webapp who use a noSQL solution to store users account informations.

I've created a simple form to create users account and another one to login them, but I have some problem to login the users.

I'm testing the code and actually my first impression is that the wrapper file who call the php class I've made to deal with the noSQL db files not pass the $_POST variables to the class (usually I don't use to create my projects in an oop style). This problem will not affect the login form if I debug and test directly the class on the login.php page who contain the login form. What's wrong with the code.

This is the loginuser.php file that hold the login class:

#kiraDB is the database class 
require_once 'kiraDB.php';

class loginUser{

#public $email;    
#private $password;

#I've disabled the construct to try find where is the error in the code
#function __construct($email){
# $this->email = filter_var($email, FILTER_SANITIZE_EMAIL);
# $this->password = filter_var($password, FILTER_SANITIZE_FULL_SPECIAL_CHARS);
#}

public function login($email,$password){
$db = new kiraDB('usersdb');
$loadUser = $db->select('users',$email);

$data = json_decode($loadUser,true);

$v = $this->checkPassword($password,$data['password']);
if($v == true){
 echo 'true';   

}  else { return false;}  
}

private function checkPassword($password, $hashedPassword){

$this->hashedPassword = $hashedPassword;

if(password_verify($password, $this->hashedPassword)){
    return true;
} else { return false; }

}    


}

This is the wrapper that is called by an ajax request to fetch and check the user login details like username and password. This wrapper script is stored in a path inside the system folder, the folder is named ajax.

require_once '../../system/loginuser.php';

if(isset($_POST['username'])){

$loginUser = new loginUser();

$loginDetails = $loginUser->login($_POST['username'],$_POST['password']);    
if($loginDetails == true){

echo 'login';

}    else { echo 'no login'; }
}

This is the ajax part of the login process (file main.js):

$('#login-btn').on('click', function(e){
e.preventDefault();    

var username = $('#username').val();    
var password = $('#password').val();
console.log(username);
console.log(password);    

$.ajax({
url: 'system/ajax/doLogin.php',
type: 'POST',
data: {email: username, password: password},
success: function(response){

console.log(response);

$('#login-response').show();
$('#login-response').append(response);

}
});    

});

This is the basic html page who hold the form.

<?php 
session_start();
ob_start();

require_once 'system/loginuser.php';

$l = new loginUser();

$t = $l->login('te@te','971ab3760a');
#if(password_verify('971ab3760a', $t)){

     #json_decode + password verify?

echo $t;
    #echo 'password ok';
    #} else { 
    #echo 'password err'; }
# $2y$10$.wXuhKmpC3mTCmiLqQvg5uat4rfe2skfFBw6TUmDwjnBcTMCNnz1S
# 971ab3760a
ob_end_flush();
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>test login</title>
<meta name="description" content="" />
<meta name="keywords" content="" />
<meta name="author" content="" />

<link rel="stylesheet" href="css/bootstrap.min.css">

<script src="js/jquery-3.2.1.min.js" type="text/javascript"></script>

<script src="js/tether.min.js" type="text/javascript"></script>

<script src="js/bootstrap.min.js" type="text/javascript"></script>

<script src="system/main.js" type="text/javascript"></script>  

<link href="https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css" rel="stylesheet" integrity="sha384-wvfXpqpZZVQGK6TAh5PVlGOfQNHSoD2xbE+QkPxCAFlNEevoEH3Sl0sibVcOQVnN" crossorigin="anonymous"> 

<link rel="stylesheet" href="css/main.css" type="text/css">    

</head>

<body>
<div class="container">
<div class="row justify-content-center">

    <div class="col-sm-6" id="login-box">

        <div class="alert alert-success" id="login-response" role="alert"></div>

        <label for="username">Username</label>
        <input type="text" class="form-control" id="username" placeholder="Username">

        <label for="password">Password</label>
        <input type="password" class="form-control" id="password">

        <button type="button" class="btn btn-primary" id="login-btn" name="login-btn">Login</button>

    </div>

</div> <!-- end row -->
</div> <!-- end container -->    
</body>
</html>    
  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 复制链接分享
  • 邀请回答

1条回答

  • dsfdsf8888 dsfdsf8888 3年前

    In your controller side, you referenced the wrong key passed from the AJAX call. It should be email and not username

    This is because, in the AJAX call, you referenced email to be the key to the value username:

    data: {email: username, password: password},
    
    $loginDetails = $loginUser->login($_POST['email'],$_POST['password']); 
    

    So it should be

    if(isset($_POST['email'])){
    

    NOT

    if(isset($_POST['username'])){
    
    点赞 评论 复制链接分享