堆栈内存溢出
  简体   繁体   English

如何在我的代码中使用密码验证来更正错误

[英]How can I correct the error with password verify in my code

 原文  2019-04-03 05:12:19       php

问题描述

I'm trying to make a log in form. 我正在尝试登录表单。 But every time that I try to login it always give a error message that my password is incorrect. 但每次我尝试登录时,总会给出一条错误消息,指出我的密码不正确。 Im using md5 to hash my password in the database. 我使用md5在数据库中哈希我的密码。

I've tried to remove the hash and password_verify to my code but it automatically login the user with incorrect passowrd 我试图将hash和password_verify删除到我的代码,但它会自动以不正确的passowrd登录用户 

<?php

if (isset($_POST['login-submit'])) {

require 'dbh.inc.php';

$mailuid = $_POST['mailuid'];
$password = $_POST['pwd'];

if (empty($mailuid) || empty($password)){
    header("Location: ../systemlogintut/index1.php?error=emptyfields");
    exit(); 
}
else {
    $sql = "SELECT * FROM users WHERE uidUsers=? OR emailUsers=?;";
    $stmt = mysqli_stmt_init($conn);
    if (!mysqli_stmt_prepare($stmt, $sql)) {
        header("Location: ../systemlogintut/index1.php?error=sqlerror");
    exit(); 
    }
    else {

        mysqli_stmt_bind_param($stmt, "ss", $mailuid, $password);
        mysqli_stmt_execute($stmt);
        $result = mysqli_stmt_get_result($stmt);
        if ($row = mysqli_fetch_assoc($result)) {
            $pwdCheck = password_verify($password, $row['pwdUsers']);
            if ($pwdCheck == false) {
            header("Location: ../systemlogintut/index1.php?error=wrongpwd");
            exit();     
            }
            else if ($pwdCheck == true) {
                session_start();
                $_SERVER['userId'] = $row['idUsers'];
                $_SERVER['userUid'] = $row['uidUsers'];
                header("Location: ../systemlogintut/index1.php?login=success");
            exit();
            }
            else {
            header("Location: ../systemlogintut/index1.php?error=wrongpwd");
            exit();
            }
        }
        else {
            header("Location: ../systemlogintut/index1.php?error=nouser");
            exit(); 
        }
    }
  }
}
else {
  header("Location: ../systemlogintut/index1.php");
  exit();
}

3 个解决方案

解决方案1
 0  2019-04-03 05:22:02

You are automatically logging in the user, change the redirect code in this line 您将自动登录用户,更改此行中的重定向代码 

if ($row = mysqli_fetch_assoc($result)) 
{
   $pwdCheck = password_verify($password, $row['pwdUsers']);
     if ($pwdCheck == false) {
        header("Location: ../systemlogintut/index1.php?error=wrongpwd"); // change the redirection here
     exit();     
}

解决方案2
 0  2019-04-03 05:31:03

I just change it to: 我只是将它改为: 

$hashedPwd = password_hash($password, PASSWORD_DEFAULT);

instead of using: 而不是使用: 

$hashedPwd = mb5($password, PASSWORD_DEFAULT);

解决方案3
 0  2019-04-03 06:19:30

试试吧$ password = md5($ _ POST ['pwd']);

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何在登录前使用 PHP 验证密码和 pin 是否正确? - How can i use PHP to verify if both password and pin is correct before logging in? 为什么我没有正确的密码就可以登录? 为什么 password_verify 总是返回 true? - Why i can login without correct password? Why password_verify always returns true? 为什么我的password_verify函数与我输入的正确密码不匹配,并且知道数据库中包含什么 - Why is my password_verify function not matching the correct passwords together that I enter and know is what is in the database 如何在我的PHP代码中加密md5的密码 - How can I encrypt password to md5 in my php code 我如何检查我的WordPress代码是否正确? - How can i check to see if my WordPress code is correct? 如何为此SQL查询更正我的PHP代码? - How can I correct my PHP code for this SQL query? 验证并创建哈希密码错误,我可以使用哈希密码创建帐户,但是我无法验证吗? - Verifying and creating hashed password error, I can create an account with hashed password, however, I cannot verify it? 当我没有收到验证码时,如何验证我的 Gmail Oauth 进程? - How can I verify my Gmail Oauth process when I'm not given a verification code? 为什么即使回答正确我也无法查看密码? - why can't i view my password even answer is correct? 我在哪里将password_verify函数放在代码中? - where do i put the password_verify function in my code please?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM