[英]How can I correct the error with password verify in my code
我正在嘗試登錄表單。 但每次我嘗試登錄時,總會給出一條錯誤消息,指出我的密碼不正確。 我使用md5在數據庫中哈希我的密碼。
我試圖將hash和password_verify刪除到我的代碼,但它會自動以不正確的passowrd登錄用戶
<?php
if (isset($_POST['login-submit'])) {
require 'dbh.inc.php';
$mailuid = $_POST['mailuid'];
$password = $_POST['pwd'];
if (empty($mailuid) || empty($password)){
header("Location: ../systemlogintut/index1.php?error=emptyfields");
exit();
}
else {
$sql = "SELECT * FROM users WHERE uidUsers=? OR emailUsers=?;";
$stmt = mysqli_stmt_init($conn);
if (!mysqli_stmt_prepare($stmt, $sql)) {
header("Location: ../systemlogintut/index1.php?error=sqlerror");
exit();
}
else {
mysqli_stmt_bind_param($stmt, "ss", $mailuid, $password);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
if ($row = mysqli_fetch_assoc($result)) {
$pwdCheck = password_verify($password, $row['pwdUsers']);
if ($pwdCheck == false) {
header("Location: ../systemlogintut/index1.php?error=wrongpwd");
exit();
}
else if ($pwdCheck == true) {
session_start();
$_SERVER['userId'] = $row['idUsers'];
$_SERVER['userUid'] = $row['uidUsers'];
header("Location: ../systemlogintut/index1.php?login=success");
exit();
}
else {
header("Location: ../systemlogintut/index1.php?error=wrongpwd");
exit();
}
}
else {
header("Location: ../systemlogintut/index1.php?error=nouser");
exit();
}
}
}
}
else {
header("Location: ../systemlogintut/index1.php");
exit();
}
您將自動登錄用戶,更改此行中的重定向代碼
if ($row = mysqli_fetch_assoc($result))
{
$pwdCheck = password_verify($password, $row['pwdUsers']);
if ($pwdCheck == false) {
header("Location: ../systemlogintut/index1.php?error=wrongpwd"); // change the redirection here
exit();
}
我只是將它改為:
$hashedPwd = password_hash($password, PASSWORD_DEFAULT);
而不是使用:
$hashedPwd = mb5($password, PASSWORD_DEFAULT);
試試吧$ password = md5($ _ POST ['pwd']);
如何在登錄前使用 PHP 驗證密碼和 pin 是否正確?
[英]How can i use PHP to verify if both password and pin is correct before logging in?
為什么我沒有正確的密碼就可以登錄? 為什么 password_verify 總是返回 true?
[英]Why i can login without correct password? Why password_verify always returns true?
為什么我的password_verify函數與我輸入的正確密碼不匹配,並且知道數據庫中包含什么
[英]Why is my password_verify function not matching the correct passwords together that I enter and know is what is in the database
驗證並創建哈希密碼錯誤,我可以使用哈希密碼創建帳戶,但是我無法驗證嗎?
[英]Verifying and creating hashed password error, I can create an account with hashed password, however, I cannot verify it?
當我沒有收到驗證碼時,如何驗證我的 Gmail Oauth 進程?
[英]How can I verify my Gmail Oauth process when I'm not given a verification code?
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.