[英]Why is my password_verify function not matching the correct passwords together that I enter and know is what is in the database
我的代码有什么问题? 即使输入正确的密码,我仍然会收到消息,提示输入的密码是否正确。 我检查了我的数据表,以确保其被正确散列和存储。 正如您在我的代码中所看到的,我回显了查询的结果,我将其绑定到变量$ hash以确保它正确地获取了它。
<?php
//start a session
//unset session variables, expire session cookie, destroy session
//start a new session
session_start();
$_SESSION = array();
setcookie('PHPSESSID', '', time());
session_destroy();
session_start();
//require template_functions.php file
//call function that renders layout with content file: index.php
require $_SERVER['DOCUMENT_ROOT']. '/practice2/resources/library/template_functions.php';
layout('/practice2/public_html/php/index.php');
//if 'login' btn not clicked
if (!isset($_POST['login'])) {
} else {
//bind typed name & pw variable
$name = $_POST['name'];
$pw = $_POST['pw'];
//if name not typed
if (!$name){
} else {
//create prepared statement
$stmt = $mysqli->prepare('SELECT pw FROM user WHERE name = ?');
//bind parameters
$stmt->bind_param( 's', $name);
//execute query
$stmt->execute();
//store result
$stmt->store_result();
//if name doesn't match
if ($stmt->num_rows() == 0) {
echo '<br>The username that you\'ve entered doesn\'t match any account.';
//if name matches
} else
if (!$pw) {
echo '<br> Log in as <b>' .$name. '</b>. <a href="
/practice2/public_html/php/index.php">Not you?</a>';
} else {
//bind result variables
$stmt->bind_result($hash);
//fetch values
while ($stmt->fetch()) {
echo $hash;
if (!password_verify($hash, $pw)) {
echo '<br>The password that you\'ve entered is incorrect.
<a href="">Forgetten password?</a>';
} else {
//assign session variables
$_SESSION['loggedin'] = true;
$_SESSION['name'] = $name;
echo '<br>What\'s your latest ?';
//free result
$stmt->free_result();
//close statement
$stmt->close();
//close connection
$mysqli->close();
//require home.php;
}
}
}
}
}
?>
RTM: http : //php.net/password_verify
你有
if (!password_verify($hash, $pw)) {
它应该是
if (!password_verify($pw, $hash)) {
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.