Php password\u verfiy()返回false和正确的凭据
所以我创建了一个简单的登录页面,我在另一个项目中使用了这段代码,效果很好,但由于某种原因,现在它不起作用了。我猜我错过了一些明显的东西,但一个小时后我似乎找不到了 PHP版本:7.2.5 登录页面:Php password\u verfiy()返回false和正确的凭据,php,login,Php,Login,所以我创建了一个简单的登录页面,我在另一个项目中使用了这段代码,效果很好,但由于某种原因,现在它不起作用了。我猜我错过了一些明显的东西,但一个小时后我似乎找不到了 PHP版本:7.2.5 登录页面: <?php require "../db.php"; $username = $password = ""; if ($_SERVER["REQUEST_METHOD"] == "POST") { $username = mysqli_real_escape_string ( $con,
<?php require "../db.php";
$username = $password = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$username = mysqli_real_escape_string ( $con, $_POST['username']);
$password = mysqli_real_escape_string ( $con, $_POST['password']);
$hash = $con->query("SELECT password FROM users WHERE username = '$username'")->fetch_object()->password;
print_r($password);?><br><?php
$hash2 = password_hash($password, PASSWORD_DEFAULT);
echo $hash2;?><br><?php
print_r($hash);?><br><?php
var_dump(password_verify($password, $hash));
// if (password_verify($password, $hash)) {
// session_start();
// $_SESSION['username'] = $username;
// header("Location: ../seldep.php");
// die();
// }
// else {
// header("Location: ../index.php?1");
// die();
// }
}
?>
<form action="accounts/login.php" method="post">
<div class="z-depth-3 y-depth-3 x-depth-3 grey green-text lighten-4
row" style="display: inline-block; padding: 32px 48px 0px 48px;
border: 1px;
margin-top: 100px; solid #EEE;">
<div class="section"></div>
<div class="section"></div>
<h1 class="grey-text" style="font-size: 20px;"> <?php echo
CLAN_NAME; ?> </h1>
<div class='row'>
<h1 class="grey-text" style="font-size: 20px;"> LOGIN </h1>
<div class='input-field col s12'>
<input class='validate' type="text" name='username' required />
<label for='email'>Username</label>
</div>
</div>
<div class='row'>
<div class='input-field col m12'>
<input class='validate' type='password' name='password' required
/>
<label for='password'>Password</label>
</div>
<label style='float: right;'>
<b style="color: #F5F5F5;">Forgot Password?</b>
</label>
</div>
<br/>
<center>
<div class='row'>
<button style="margin-left:75px;" type='submit'
name='btn_login' class='col s6 btn btn-small white black-text
waves-effect z-depth-1 y-depth-1'>Login</button>
</div>
<div class='row'>
<a href="accounts/register.php" style="margin-left:75px;"
class='col s6 btn btn-small white black-text waves-effect z-
depth-1 y-depth-1'>Request access</a>
</div>
</center>
</div>
</form>
mysqli\u real\u escape\u字符串($con,$\u POST['password'])您可能正在此处中断密码。如果你不把这个值放进数据库,那就没有意义了。我可以吗?你能解释一下吗?你认为,我不是100%确定你的意思。您没有将字符串$\u POST['password']
放入数据库,那么为什么要在其上运行mysqli\u real\u escape\u string
。B.如果密码包含mysqli\u real\u escape\u string
escape的任何字符,则基本上您刚刚更改了密码,因此它永远不会匹配。ie我的密码是fdrtgvrmjitb'ru
你把它转换成fdrtgvrmjitb'ru
但是fdrtgvrmjitb'ru
!=fdrtgvrmjitb\ru
good catch@smith,但如果密码为5,则还必须存在另一个问题,否?可能是插入。发那个密码
<form action="accounts/login.php" method="post">
<div class="z-depth-3 y-depth-3 x-depth-3 grey green-text lighten-4
row" style="display: inline-block; padding: 32px 48px 0px 48px;
border: 1px;
margin-top: 100px; solid #EEE;">
<div class="section"></div>
<div class="section"></div>
<h1 class="grey-text" style="font-size: 20px;"> <?php echo
CLAN_NAME; ?> </h1>
<div class='row'>
<h1 class="grey-text" style="font-size: 20px;"> LOGIN </h1>
<div class='input-field col s12'>
<input class='validate' type="text" name='username' required />
<label for='email'>Username</label>
</div>
</div>
<div class='row'>
<div class='input-field col m12'>
<input class='validate' type='password' name='password' required
/>
<label for='password'>Password</label>
</div>
<label style='float: right;'>
<b style="color: #F5F5F5;">Forgot Password?</b>
</label>
</div>
<br/>
<center>
<div class='row'>
<button style="margin-left:75px;" type='submit'
name='btn_login' class='col s6 btn btn-small white black-text
waves-effect z-depth-1 y-depth-1'>Login</button>
</div>
<div class='row'>
<a href="accounts/register.php" style="margin-left:75px;"
class='col s6 btn btn-small white black-text waves-effect z-
depth-1 y-depth-1'>Request access</a>
</div>
</center>
</div>
</form>
<?php require "../db.php" ?>
<?php session_start(); ?>
<?php
$username = $email = $password = $password2 = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$username = mysqli_real_escape_string ( $con, $_POST['username']);
$email = mysqli_real_escape_string ( $con, $_POST['email']);
$password = mysqli_real_escape_string ( $con, $_POST['password']);
$password2 = mysqli_real_escape_string ( $con, $_POST['password2']);
if ($password == $password2) {
$hash = password_hash($password2, PASSWORD_DEFAULT);
$sql = "INSERT INTO users (username, email, password)
VALUES ('$username', '$email', '$hash')";
if ($con->query($sql) === TRUE) {
header("Location: register.php?rg");
die();
} else {
echo "Error: " . $sql . "<br>" . $con->error;
}
} else {
header("Location: register.php?passwordDontMatch");
}
}
?>
<form action="registerdone.php" method="post">
<div class="z-depth-3 y-depth-3 x-depth-3 grey green-text lighten-4 row" style="display: inline-block; padding: 32px 48px 0px 48px; border: 1px; margin-top: 100px; solid #EEE;">
<div class="section"></div>
<div class="section"></div>
<div class='row'>
<h1 class="grey-text" style="font-size: 20px;"> REQUEST ACCESS </h1>
<!-- Defining the username -->
<div class='input-field col s12'>
<input class='validate' type="text" name='username' id='email' required />
<label for='email'>Username</label>
</div>
<!-- Defining the email -->
<div class='input-field col s12'>
<input class='validate' type="text" name='email' id='email' required />
<label for='email'>Email</label>
</div>
</div>
<div class='row'>
<!-- Defining the password -->
<div class='input-field col m12'>
<input class='validate' type='password' name='password' id='password' required />
<label for='password'>Password</label>
</div>
<!-- Confirming the passwords matching -->
<div class='input-field col m12'>
<input class='validate' type='password' name='password2' id='password' required />
<label for='password'>Confirm password</label>
</div>
</div>
<br/>
<center>
<div class='row'>
<button style="margin-left:75px;" type='submit' name='btn_login' class='col s6 btn btn-small white black-text waves-effect z-depth-1 y-depth-1'>Request access</button>
</div>
<div class='row'>
<a href="../index.php" style="margin-left:75px;" class='col s6 btn btn-small white black-text waves-effect z-depth-1 y-depth-1'>Login page</a>
</div>
</center>
</div>
</form>
$hash = password_hash($password, PASSWORD_DEFAULT);
print_r($hash);?><br><?php
var_dump($hash);?><br><?php
$hash2 = password_hash($password2, PASSWORD_DEFAULT);
print_r($hash2);?><br><?php
var_dump($hash2);?><br><?php
die();
string(60) "$2y$10$VECqLlJwpndtDSv3r/U4z.4JsIZjXoFUuj7ALkzlFQuTeUKVcK/ze"
$2y$10$x8MLKNwcvbhY7AoYxPiFyOaEazE2rfS2nbqVetATATuH1QpnwLa96
string(60) "$2y$10$x8MLKNwcvbhY7AoYxPiFyOaEazE2rfS2nbqVetATATuH1QpnwLa96"
$2y$10$VECqLlJwpndtDSv3r/U4z.4JsIZjXoFUuj7ALkzlFQuTeUKVcK/ze