[英]password_verify() not working with database
my registration page is我的注册页面是
<?php
require 'core.inc.php';
include 'connect.inc.php';
if (!loggedin()) {
if (isset($_POST['first_name']) && isset($_POST['last_name']) && isset($_POST['user_name']) && isset($_POST['password']) && isset($_POST['retype_password'])) {
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$username = $_POST['user_name'];
$password = $_POST['password'];
$retype_password = $_POST['retype_password'];
$password_hash = password_hash($password, PASSWORD_DEFAULT);
if (!empty($first_name) && !empty($last_name) && !empty($username) && !empty($password) && !empty($retype_password)) {
if ($password!=$retype_password) {
echo 'Password does not matched';
} else {
$select_user_query = "SELECT `user_name` FROM `company_login` WHERE `user_name` = '$username'";
$run_user_query = mysqli_query($db_connect,$select_user_query);
if (mysqli_num_rows($run_user_query)==NULL) {
$insert_new_userinfo = "INSERT INTO`company_login`(`user_name`, `password`, `first_name`, `last_name`) VALUES ('".mysqli_real_escape_string($db_connect,$username)."','".mysqli_real_escape_string($db_connect,$password_hash)."','".mysqli_real_escape_string($db_connect,$first_name)."','".mysqli_real_escape_string($db_connect,$last_name)."')";
if ($insert_run = mysqli_query($db_connect,$insert_new_userinfo)) {
header('Location: signup_success.php');
} else {
echo 'Sorry, we couldn\'t register you at this time. Please try again later.';
}
} else {
echo 'The username '.$username.' already exists';
}
}
} else {
echo 'All fields are required.';
}
}
?>
<form action="register.php" method="post">
First Name : <br/><input type="text" name="first_name" value="<?php echo @$first_name ?>"><br/><br/>
Last Name : <br/><input type="text" name="last_name" value="<?php echo @$last_name?>"><br/><br/>
Username : <br/><input type="text" name="user_name" value="<?php echo @$username?>"><br/><br/>
Password : <br/><input type="password" name="password"><br/><br/>
Re-type Password : <br/><input type="password" name="retype_password"><br/> <br/>
<input type="Submit" value="Register">
</form>
<?php
} elseif (loggedin()) {
echo "You're already registered and logged in";
}
?>
I am trying to get the value from database using code below:我正在尝试使用以下代码从数据库中获取值:
if (isset($_POST['username']) && isset($_POST['password'])) {
$username = $_POST['username'];
$password = $_POST['password'];
$select_pass_query = "SELECT `password` FROM `company_login` WHERE `user_name` = '".mysqli_real_escape_string($db_connect,$username)."'";
if ($select_pass_query_run = mysqli_query($db_connect,$select_pass_query)) {
// echo "suceessfully find the password";
$pass_num_row = mysqli_num_rows($select_pass_query_run);
if ($pass_num_row==NULL) {
echo "Invalid username/password combination";
} else if ($pass_num_row==1) {
$user_password = mysqli_fetch_row($select_pass_query_run);
$user_password_result = $user_password[0];
echo $user_password_result . "<br/>";
echo $pass_verify = password_verify($password, $user_password_result);
} else {
echo 'failed';
}
} else {
echo 'cannot find the password';
}
When I echo out the $user_password_result
variable it is displayed, so the database is successfully returning the value, but when I echo out $pass_verify = password_verify($password, $user_password_result);
当我回显$user_password_result
变量时,它会显示出来,因此数据库成功返回了该值,但是当我回显$pass_verify = password_verify($password, $user_password_result);
, nothing is displayed. ,不显示任何内容。 Why is this happening?为什么会这样?
password_verify
returns a boolean. password_verify
返回一个布尔值。
If login is invalid echoing a false value will print nothing.如果登录无效,则回显 false 值将不打印任何内容。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.