PHP哈希密码中的注册脚本

Question

I am learning PHP and am at a point where I have successfully managed to insert data into my database and it redirects me back to my registration form so I am happy at this point, I am just looking at ways to add the passwords into the database as a hash and to salt it it also.

Where in my code do I begin doing this, I am not looking for an answer or somebody to do it for me I just need some advice.

<?php

include 'connect.php';

// escape variables for security
$username = mysqli_real_escape_string($con, $_POST['username']);
$password = mysqli_real_escape_string($con, $_POST['password']);
$first_name = mysqli_real_escape_string($con, $_POST['first_name']);
$last_name = mysqli_real_escape_string($con, $_POST['last_name']);
$email = mysqli_real_escape_string($con, $_POST['email']);

$sql="INSERT INTO users (username, password, first_name, last_name, email )
VALUES ('$username', '$password', '$first_name', '$last_name', '$email')";


if (!mysqli_query($con,$sql)) {
  die('Error: ' . mysqli_error($con));
}
    header ('Location: /register.php');



?>

Answer 1

You can use password_hash to hash your password.

It will use the best algorithm available and be upgraded in the future.

More infos here.