在codeigniter中使用電子郵件地址或用戶名登錄

Question

我遇到以下代碼的問題。我希望用戶使用他們的用戶名或電子郵件登錄。當我使用用戶名時，它工作得很好，但是當我使用電子郵件時，即使密碼錯誤，我也可以登錄。

public function can_login(){ 

    $user_mail = $this->input->post('user_mail'); 

    $this->db->where('email =', $user_mail); 
    $this->db->or_where('username =', $user_mail); 

    $this->db->where('password',md5($this->input->post('password'))); 
    $this->db->where('status =', 'registered'); 
    $query=$this->db->get('user'); 

    if($query->num_rows()== 1) { 
     return true; 
    } else { 
     return false; 
    } 
} 

Answer 1

您可以使用CodeIgniter Query Binding這樣的：

變化：

$this->db->where('email =', $user_mail); 
     $this->db->or_where('username =', $user_mail); 

$this->db->where('password',md5($this->input->post('password'))); 
$this->db->where('status =', 'registered'); 
$query=$this->db->get('user'); 

要：

$sql = "SELECT * FROM user WHERE (email = ? OR username = ?) AND password = ? AND status = 'registered' LIMIT 1"; 
$query = $this->db->query($sql, array($user_mail, $user_mail, md5($this->input->post('password'))); 

Answer 2

試試這個

$this->db->where("email = '$user_mail' or username = '$user_mail'"); 
$this->db->where('password', md5($this->input->post('password'))); 
$this->db->where('status', 'registered'); 
$query=$this->db->get('user'); 

Answer 3

謝謝你們這是我的解決方案，工作正常。

public function can_login(){ 
$user_mail = $this->input->post('user_mail'); 
$password= MD5($this->input->post('password')); 
$this->db->select('username,email,password'); 
$this->db->where("(email = '$user_mail' OR username = '$user_mail') AND password = '$password' AND status = 'registered'"); 

    $query=$this->db->get('user');` 

    if($query->num_rows()== 1) 
    { 
     return true; 
    }else 
    { 
     return false; 
    } 

    }