gpt4 book ai didi

php - 无法让password_verify 工作(PHP、MYSQL)

转载 作者:行者123 更新时间:2023-11-29 10:27:22 25 4
gpt4 key购买 nike

我已经在我的注册脚本中设置了password_hash。无法弄清楚如何正确使用password_verify登录我的网站。

数据库截图:https://i.imgur.com/hWjRiXN.png

登录代码(显示“登录错误,即使密码正确):

<?php  
require 'db_connect.php';

if (isset($_POST['username']) and isset($_POST['password'])){

$username = $_POST['username'];
$password = $_POST['password'];

$query = "SELECT * FROM `member` WHERE username='$username'";

$result = mysqli_query($connection, $query) or die(mysqli_error($connection));
$count = mysqli_num_rows($result);

if (password_verify($_POST['password'],$hashword))
{
echo "Correct login";
}
else
{
echo "incorrect login";
}
}
?>

注册码(效果很好,数据库连接也没有问题):

<?php
require 'db_connect.php';

$email = $_POST['email'];
$username = $_POST['username'];
$password1 = $_POST['password1'];
$password2 = $_POST['password2'];

if($password1 != $password2)
header('Location: registration.html');
if(strlen($username) > 25)
header('Location: registration.html');

$hashword = password_hash($password,PASSWORD_DEFAULT);

$query = "INSERT INTO member ( username, password, email)
VALUES ( '$username', '$hashword', '$email');";

$result = mysqli_query($connection, $query) or die(mysqli_error($connection));
mysql_close();

header('Location: login.html');
?>

最佳答案

从您的代码来看,您似乎没有使用插入数据库的正确哈希词检查 $_POST['password']

变量$hashword将没有任何内容,因此password_verify失败。

获取存储在数据库中的密码值并将其存储在 $hashword 变量中,然后在 password_verify 函数中使用它,使其按预期工作。

示例

$row = mysqli_fetch_assoc($result);
$hashword = $row['password'];

使用

$result = mysqli_query($connection, $query) or die(mysqli_error($connection));
$count = mysqli_num_rows($result);

$row = mysqli_fetch_assoc($result);
$hashword = $row['password'];

if (password_verify($_POST['password'],$hashword))
{
echo "Correct login";
}
else
{
echo "incorrect login";
}

关于php - 无法让password_verify 工作(PHP、MYSQL),我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/48052605/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com