password_verify无法使用Bcrypt验证password_hash
[英]password_verify can't verify password_hash with Bcrypt
问题描述
我在获取password_verify确认我的哈希密码时遇到一些问题。 这是我的登录名:
if (isset($_POST["login-button-front"]))
{
// IF VALUE IS GIVEN
if (isset($_POST["user-password"]) && ($_POST["user-email"])){
$user_email = $_POST["user-email"];
// QUERY DATABASE TO VERIFY LOGIN INFORMATION
$query_password = $db->prepare("SELECT password, user_session FROM login WHERE email = :user_email");
$query_password->execute(array(':user_email' => $user_email));
$password_row = $query_password->fetchAll();
// CHECK PASSWORD
$password = $_POST["user-password"];
$password_hash = $password_row[0]["password"];
if(password_verify($password, $password_hash)){
$_SESSION['user'] = $password_row['user_session'];
require 'members.php';
}
// RESPOND IF WRONG INFORMATION GIVEN
else{
$login_wrong = "The username and/or password you entered is incorrect. Please try again.";
require 'front_page.php';
}
}
// RESPOND IF NO INFORMATION GIVEN
else{
$login_wrong = "You must enter a valid username and password to login. Need an account? Register below.";
require 'front_page.php';
}
}
这是我的注册:
$password = password_hash($_POST['password1'], PASSWORD_DEFAULT);
1 个解决方案
解决方案1
0 已采纳 2015-05-02 20:02:58
我查看了所有详细信息,删除了单引号和双引号。 还要确保没有获取错误。 这是我的工作代码:
if (isset($_POST["login-button-front"]))
{
// IF VALUE IS GIVEN
if (isset($_POST["user-password"]) && ($_POST["user-email"])){
$user_email = $_POST["user-email"];
// QUERY DATABASE TO VERIFY LOGIN INFORMATION
$query_password = $db->prepare("SELECT password, user_session FROM login WHERE email = :user_email");
$query_password->execute(array(':user_email' => $user_email));
$password_row = $query_password->fetchAll();
// CHECK PASSWORD
$password = $_POST["user-password"];
$password_hash = $password_row[0]["password"];
if(password_verify($password, $password_hash)){
$_SESSION['user'] = $password_row[0]['user_session'];
require 'members.php';
}
// RESPOND IF WRONG INFORMATION GIVEN
else{
$login_wrong = "The username and/or password you entered is incorrect. Please try again.";
require 'front_page.php';
}
}
// RESPOND IF NO INFORMATION GIVEN
else{
$login_wrong = "You must enter a valid username and password to login. Need an account? Register below.";
require 'front_page.php';
}
}
我最终使用此哈希:
$password_options = ['cost' => 11,'salt' => mcrypt_create_iv(22,MCRYPT_DEV_URANDOM),];
$password = password_hash($_POST['password1'], PASSWORD_BCRYPT, $password_options);
PHP password_hash() password_verify() 最大密码长度?
[英]PHP password_hash() password_verify() maximum password length?
PHP使用password_verify和password_hash验证密码
[英]PHP Verifying passwords using password_verify and password_hash
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
PHP中的password_verify和password_hash
PHP password_hash(),password_verify()
PHP password_hash() password_verify() 最大密码长度?
Password_hash和Password_verify,也存储密码吗?
password_hash和password_verify的密码哈希问题
PHP使用password_verify和password_hash验证密码
password_hash,password_verify,MySQL误会?
使用password_hash()和password_verify()的问题
php password_hash和password_verify问题
password_hash和password_verify返回false
相关标签