堆栈内存溢出
  简体   繁体   English

无法使用password_verify登录

[英]Can't login using password_verify

 原文  2018-07-26 16:16:49       php/ mysql/ passwords

问题描述

I'm trying to make a register/login system. 我正在尝试建立一个注册/登录系统。 The hashed passwords are saved into database successfully but when i try to login it says "Invalid login" which means it doesn't verify the password. 散列的密码已成功保存到数据库中,但是当我尝试登录时,它会显示“无效登录”,这意味着它不会验证密码。 Help me with this, it's my first time using password hash and verify 帮帮我,这是我第一次使用密码哈希和验证

Signup.php Signup.php 

<?php
include('AdminPanel/connect.php');

$name = $_POST['txt_name'];
$email = $_POST['txt_email'];
$password = password_hash($_POST['txt_pass'], PASSWORD_DEFAULT);
$radioVal = $_POST['Gender'];


if($radioVal == "Male")
{
    $radioVal = "Male";
}
else if ($radioVal == "Female")
{
    $radioVal = "Female";
}


$queryget = mysqli_query($con,"SELECT Email FROM signup WHERE Email='$email'") or die ("Query didnt work");
    $row = mysqli_fetch_array($queryget);


    $emaildb = $row['Email'];
    if($emaildb!=$email){
        echo"success";
        $insert = mysqli_query($con,"insert into signup (Name,Email,Password,Gender) values ('$name','$email','$password','$radioVal')");
    }else{
echo"Email already exists";
}

?>

Login.php 的login.php 

<?php

include('AdminPanel/connect.php');

session_start();

$email = $_POST['txt_email'];
$password = $_POST['txt_pass'];
$info = mysqli_query($con,"select count(*) from signup where Email = '$email' and Password = '$password'");

$row = mysqli_fetch_array($info);
if (($row[0] > 0) && password_verify($password, $row['Password']))
{

    $_SESSION['txt_email']=$email;
    echo "success";

}
else
{
    echo "Invalid login<br>Please re-enter your credentials";
}

?>

1 个解决方案

解决方案1
 2 已采纳  2018-07-26 16:18:24

You're selecting count(*) : 您正在选择count(*) 

$info = mysqli_query(
    $con, "select count(*) from signup where Email = '$email' and Password = '$password'"
);

But then referencing a field: 但是然后引用一个字段: 

$row['Password']

You need to select (at least) the field, but leave out the condition on password because the password you get won't match what's in the database: 您需要选择(至少)该字段,但要忽略密码的条件,因为您获得的密码与数据库中的密码不匹配: 

$info = mysqli_query(
    $con, "select * from signup where Email = '$email'"
);

Also, don't do that, because SQL injection. 另外,不要这样做,因为SQL注入。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 PHP 无法使用 password_hash()/password_verify() 以正确的密码登录 - PHP can not login with correct password using password_hash()/password_verify() password_verify无法使用Bcrypt验证password_hash - password_verify can't verify password_hash with Bcrypt 使用password_verify登录CodeIgniter - Login in CodeIgniter with password_verify Php登录密码_verify - Php login password_verify 使用 password_verify() 登录系统 - Login system with password_verify() 无法将用户输入到password_verify() - Can't get user input in to password_verify() password_verify不验证哈希 - password_verify doesn't verify hash 我似乎无法使 password_verify() 工作 - I can't seem to make password_verify() work 无法使php password_verify()正常工作 - Can't get php password_verify() to work 在哪里将password_verify放在登录脚本中? - Where to put password_verify in login script?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM