gpt4 book ai didi

php - 在现有密码上使用 password_verify

转载 作者:搜寻专家 更新时间:2023-10-30 20:27:06 24 4
gpt4 key购买 nike

我正在尝试在某人登录我的网站之前检查他们的密码和用户名。密码都存储在 password_hash($password1, PASSWORD_BCRYPT); 我不确定我做错了什么。目前,无论我输入什么,它总是说不正确。

<?php
require 'privstuff/dbinfo.php';

$username = $_POST["username"];
$password1 = $_POST["password1"];

$mysqli = new mysqli(DB_SERVER, DB_USER, DB_PASSWORD, DB_DATABASE);

if(mysqli_connect_errno()) {
echo "Connection Failed. Please send an email to owner@othertxt.com regarding this problem.";
exit();
}

if ($stmt = $mysqli->prepare("SELECT `username`, `password` FROM `accounts` WHERE username = ? AND password = ?")) {


$result = mysqli_query($mysqli,"SELECT `password` FROM `accounts` WHERE username = $username");

$stmt->bind_param("ss", $username, password_verify($password1, $result);
$stmt->execute();
$stmt->store_result();
if ($stmt->num_rows) {
echo("Success");
}
else {
echo("Incorrect");
}

}
$mysqli->close();

?>

这是register.php

<?php
require 'privstuff/dbinfo.php';

$firstname = $_POST["firstname"];
$password1 = $_POST["password1"];
$email = $_POST["email"];
$ip = $_SERVER['REMOTE_ADDR'];
$username = $_POST["username"];

$mysqli = new mysqli(DB_SERVER, DB_USER, DB_PASSWORD, DB_DATABASE);


if(mysqli_connect_errno()) {
echo "Connection Failed. Please send an email to owner@othertxt.com regarding this problem.";
exit();
}

if ($stmt = $mysqli->prepare("INSERT INTO `accounts`(`firstname`, `username`, `password`, `email`, `ip`) VALUES (?,?,?,?,?)")) {

$db_pw = password_hash($password1, PASSWORD_BCRYPT);

$stmt->bind_param("sssss", $firstname, $username, $db_pw, $email, $ip);
$stmt->execute();
if ($stmt->affected_rows > 0) {

echo "Account successfuly created";
}
$stmt->close();
}
$stmt->close();

$mysqli->close();

?>

最佳答案

我解决了这个问题。我错误地使用了 password_verify

<?php
require 'privstuff/dbinfo.php';


$username = $_POST["username"];
$password1 = $_POST["password1"];

$mysqli = new mysqli(DB_SERVER, DB_USER, DB_PASSWORD, DB_DATABASE);

// Check connection
if(mysqli_connect_errno()) {
echo "Connection Failed: " . mysqli_connect_errno();
exit();
}

/* create a prepared statement */
if ($stmt = $mysqli->prepare("SELECT `password` FROM `accounts` WHERE username = ?")) {

/* Bind parameters: s - string, b - blob, i - int, etc */
$stmt -> bind_param("s", $username);

/* Execute it */
$stmt -> execute();

/* Bind results */
$stmt -> bind_result($result);

/* Fetch the value */
$stmt -> fetch();

/* Close statement */
$stmt -> close();
}


if(password_verify($password1, $result))
{
session_start();
$_SESSION['loggedin'] = true;
$_SESSION['username'] = $username;

echo '<script type="text/javascript"> window.open("textbomber.php","_self");</script>';
}else{
echo '<script type="text/javascript"> alert("Incorrect Username/Password"); window.open("login.html","_self");</script>';
}

$mysqli->close();
?>

关于php - 在现有密码上使用 password_verify,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/27476832/

24 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com