[英]PHP Login - if(empty)$password doesn't work in my code, why?
[英]Why doesn't my password validation work?
我正在为博客创建登录屏幕,但是当它必须验证哈希时,它将失败。 我在这里搜索过很多东西,并问了一些同学,但还是失败了。 提交时会收到警报
用户名或密码错误!
我怎样才能解决这个问题?
这是我的登录脚本
<?php
include_once('resources/db.php');
$sql = "SELECT username, password FROM users WHERE username = :username";
$query = $db->prepare($sql);
$query->execute(array(":username" => $_POST['username']));
$user = $query->fetch(PDO::FETCH_ASSOC);
if ( isset( $_POST['submit'] )) {
$username = $_POST['username'];
$password = $_POST['password'];
$hash_password = $user['password'];
if ( password_verify($password, $hash_password)) {
if ($query->rowCount() == 1){
echo "chrisschotman is ingelogd";
} else {
echo "<script type=\"text/javascript\">alert('Wrong username!')</script>";
}
} else {
echo "<script type=\"text/javascript\">alert('Wrong password or username!')</script>";
}
}
?>
这是我的登录表格
<form action="" method="post">
<input type="text" placeholder="username" name="username"maxlength="24"><br>
<input type="password" placeholder="password" name="password" minlength="8"
maxlength="16"><br>
<input type="submit" value="login" name="submit">
</form>
这是我的注册脚本
<?php
include_once('resources/db.php');
// var_dump($_POST);
$query = $db->prepare('insert into users (`username`, `password`, `privileges`) values(?, ?, ?)');
$query =$db->prepare('select * from users');
$query->execute();
?>
//这是注册表
<?php
if (isset($_POST)) {
include_once('resources/db.php');
$sql = "INSERT INTO users (`username`, `password`) VALUES (:username, :password)";
$query = $db->prepare($sql);
$query->execute(array(
':username' => $_POST['username'],
':password' => password_hash($_POST['password'], PASSWORD_DEFAULT)
));
if ($query) {
echo "Registered succefully";
} else {
echo "Occured and error";
}
}
?>
将数据库行更改为varchar(255)
$sql = "SELECT username, password FROM users WHERE username = :username";
$query = $db->prepare($sql);
$query->execute(array(":username" => $_POST['username']));
$user = $query->fetch(PDO::FETCH_ASSOC);
并尝试注册:
<?php
$db = new PDO('mysql:host=localhost;dbname=' . $db_name . ',' . $db_user . ',' . $db_pass);
if (isset($_POST)) {
include_once('resources/db.php');
$sql = "INSERT INTO users (`username`, `password`) VALUES (:username, :password)";
$query = $db->prepare($sql);
$query->execute(array(
':username' => $_POST['username'],
':password' => password_hash($_POST['password'], PASSWORD_DEFAULT)
));
if ($query) {
echo "Registered succefully";
} else {
echo "Occured and error";
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.