[英]Can't login using password_verify
我正在嘗試建立一個注冊/登錄系統。 散列的密碼已成功保存到數據庫中,但是當我嘗試登錄時,它會顯示“無效登錄”,這意味着它不會驗證密碼。 幫幫我,這是我第一次使用密碼哈希和驗證
Signup.php
<?php
include('AdminPanel/connect.php');
$name = $_POST['txt_name'];
$email = $_POST['txt_email'];
$password = password_hash($_POST['txt_pass'], PASSWORD_DEFAULT);
$radioVal = $_POST['Gender'];
if($radioVal == "Male")
{
$radioVal = "Male";
}
else if ($radioVal == "Female")
{
$radioVal = "Female";
}
$queryget = mysqli_query($con,"SELECT Email FROM signup WHERE Email='$email'") or die ("Query didnt work");
$row = mysqli_fetch_array($queryget);
$emaildb = $row['Email'];
if($emaildb!=$email){
echo"success";
$insert = mysqli_query($con,"insert into signup (Name,Email,Password,Gender) values ('$name','$email','$password','$radioVal')");
}else{
echo"Email already exists";
}
?>
的login.php
<?php
include('AdminPanel/connect.php');
session_start();
$email = $_POST['txt_email'];
$password = $_POST['txt_pass'];
$info = mysqli_query($con,"select count(*) from signup where Email = '$email' and Password = '$password'");
$row = mysqli_fetch_array($info);
if (($row[0] > 0) && password_verify($password, $row['Password']))
{
$_SESSION['txt_email']=$email;
echo "success";
}
else
{
echo "Invalid login<br>Please re-enter your credentials";
}
?>
您正在選擇count(*) :
$info = mysqli_query(
$con, "select count(*) from signup where Email = '$email' and Password = '$password'"
);
但是然后引用一個字段:
$row['Password']
您需要選擇(至少)該字段,但要忽略密碼的條件,因為您獲得的密碼與數據庫中的密碼不匹配:
$info = mysqli_query(
$con, "select * from signup where Email = '$email'"
);
另外,不要這樣做,因為SQL注入。
PHP 無法使用 password_hash()/password_verify() 以正確的密碼登錄
[英]PHP can not login with correct password using password_hash()/password_verify()
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.