php - Login function only using second condition and not first -
i use username when username second condition email wouldn't work , vise versa. code below appreciated. :)
public function loginuser($usernameemail,$password){ $query = $this->db->prepare("select * users email or username = :usernameemail"); $query->execute(array(":usernameemail"=>$usernameemail)); $rows = $query->fetch(pdo::fetch_assoc); if(password_verify($password, $rows['password'])){ $_session['userid'] = $rows['userid']; $_session['username'] = $rows['username']; $_session['usergroup'] = $rows['usergroup']; return true; } else { return false; } }
you need test columns individually, combine tests or.
where email = :usernameemail or username = :usernameemail you use in ():
where :usernameemail in (email, username) your query being parsed as
where (email != false) or (username = :usernameemail) so matches non-empty email value.
Comments
Post a Comment