stackoom
  简体   繁体   中英

Php login error password or username wrong

 原文  2017-11-24 09:43:14       php/ mysql

Question

Hi i'm facing a serious problem when i try to connect to an account!! always showing error password or username wrong! i'm using md5 hashed password in mysql !! here's my login page code and mysql table query image : 

    <?php 
session_start();
error_reporting(E_ALL); 
ini_set('display_errors', 1);
include_once('module/config.php');
if(isset($_SESSION['id'])){
    header("location: index.php");
}
if(isset($_POST['login'])){
    $identification = $_POST['username'];
    $identification = mysqli_real_escape_string($link, $identification);
    $password = $_POST['password'];
    $password = mysqli_real_escape_string($link, $password);

    if($identification == "" || $password == "")
        {
            echo "Error Username / Password Wrong !";
        }else {

            $sql ="SELECT * FROM usrr WHERE usrname='$identification' LIMIT 1";
            $query = mysqli_query($link, $sql);
            if (!$query ) { die(mysqli_error($link)); } 
            $row = mysqli_fetch_array($query);
            $id= $row['uid'];
            $db_pss =$row['usrpass'];
            if (password_verify($password, $db_pss)){
                $_SESSION['id'] = $id;
                $_SESSION['name'] = $row['name'];
                header("location: index.php");

            }else{
                echo "Error Username / Password Wrong !";
            }

        }
}


?>


<form method="post">
<label>username : </label>
<input type="text" name="username"><br/>
<label>password : </label>
<input type="password" name="password"><br/>
<input type="submit" name="login" value="login">

</form>

MYSQL TABLE IMAGE

1 answers

solution1
 2  2017-11-24 09:46:28

password_verify works on password_hash and NOT on md5 hash

Please check the documentation: http://php.net/manual/en/function.password-hash.php

UPDATE:

The problem is actually on the sign up or adding the user on the DB . Not on the sign in.

When the user sign up use this 

$pwHash = password_hash($userPasssword, PASSWORD_DEFAULT);

$pwHash is the hash that you should save on the DB. Not the md5

Then you can use your sign in code above. No need to change it.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question PHP Session Login return wrong username and password PHP login works with wrong username and password PHP Login with Username/Password PHP Login Script always prints “wrong username or password” PHP login script redirects even when wrong username and password are provided Wrong error message when login even username and password is correct Username/Password Login Trouble with PHP PHP Error? in Password or Username login error password and username combination Login success when giving wrong username and password
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM