我的android登录/注册PHP服务器出现问题
我需要以下代码的帮助,我不明白为什么我不能在db上注册帐户 下面是我的PHP脚本: 更新_user_info.php我的android登录/注册PHP服务器出现问题,php,android,mysql,json,wamp,Php,Android,Mysql,Json,Wamp,我需要以下代码的帮助,我不明白为什么我不能在db上注册帐户 下面是我的PHP脚本: 更新_user_info.php <?php class update_user_info { public function StoreUserInfo($fullname, $matno, $dept, $phone, $email, $password) { $hash = $this->hashFunction($password); $encr
<?php
class update_user_info {
public function StoreUserInfo($fullname, $matno, $dept, $phone, $email, $password) {
$hash = $this->hashFunction($password);
$encrypted_password = $hash["encrypted"]; // encrypted password
$salt = $hash["salt"]; // salt
$stmt = $this->conn->prepare("INSERT INTO users(fullname, matno, dept, phone, email, encrypted_password, salt, created_at) VALUES(?, ?, ?, ?, ?, ?, ?, Now())");
$stmt->bind_param("ssssssss", $fullname, $matno, $dept, $phone, $email, $encrypted_password, $salt, $created_at);
$result = $stmt->execute();
$stmt->close();
// check for successful store
if ($result) {
$stmt = $this->conn->prepare("SELECT fullname, matno, dept, phone, email, encrypted_password, salt FROM users WHERE matno = ?");
$stmt->bind_param("s", $matno);
$stmt->execute();
$stmt-> bind_result($token2,$token3,$token4,$token5,$token6,$token7,$token8);
while ( $stmt-> fetch() ) {
$user["fullname"] = $token2;
$user["matno"] = $token3;
$user["dept"] = $token4;
$user["phone"] = $token5;
$user["email"] = $token6;
}
$stmt->close();
return $user;
} else {
return false;
}
}
public function hashFunction($password) {
$salt = sha1(rand());
$salt = substr($salt, 0, 10);
$encrypted = base64_encode(sha1($password . $salt, true) . $salt);
$hash = array("salt" => $salt, "encrypted" => $encrypted);
return $hash;
}
public function VerifyUserAuthentication($matno, $password) {
$stmt = $this->conn->prepare("SELECT fullname, matno, dept, phone, email, encrypted_password, salt FROM users WHERE matno = ?");
$stmt->bind_param("s", $matno);
if ($stmt->execute()) {
$stmt-> bind_result($token2,$token3,$token4,$token5,$token6,$token7,$token8);
while ( $stmt-> fetch() ) {
$user["fullname"] = $token2;
$user["matno"] = $token3;
$user["dept"] = $token4;
$user["phone"] = $token5;
$user["email"] = $token6;
$user["encrypted_password"] = $token7;
$user["salt"] = $token8;
}
$stmt->close();
// verifying user password
$salt = $token8;
$encrypted_password = $token7;
$hash = $this->CheckHashFunction($salt, $password);
// check for password equality
if ($encrypted_password == $hash) {
// user authentication details are correct
return $user;
}
} else {
return NULL;
}
}
public function checkHashFunction($salt, $password) {
$hash = base64_encode(sha1($password . $salt, true) . $salt);
return $hash;
}
public function CheckExistingUser($matno) {
$stmt = $this->conn->prepare("SELECT matno from users WHERE matno = ?");
$stmt->bind_param("s", $matno);
$stmt->execute();
$stmt->store_result();
if ($stmt->num_rows > 0) {
// user existed
$stmt->close();
return true;
} else {
// user not existed
$stmt->close();
return false;
}
}
}
?>
<?php
require_once 'update_user_info.php';
$db = new update_user_info();
// json response array
$response = array("error" => FALSE);
if (isset($_POST['matno']) && isset($_POST['password'])) {
// receiving the post params
$matno = $_POST['matno'];
$password = $_POST['password'];
// get the user by email and password
$user = $db->VerifyUserAuthentication($matno, $password);
if ($user != false) {
// user is found
$response["error"] = FALSE;
$response["uid"] = $user["unique_id"];
$response["user"]["fullname"] = $user["fullname"];
$response["user"]["email"] = $user["email"];
$response["user"]["matno"] = $user["matno"];
$response["user"]["dept"] = $user["dept"];
$response["user"]["phone"] = $user["phone"];
echo json_encode($response);
} else {
// user is not found with the credentials
$response["error"] = TRUE;
$response["error_msg"] = "Login credentials are wrong. Please try again!";
echo json_encode($response);
}
} else {
// required post params is missing
$response["error"] = TRUE;
$response["error_msg"] = "Required parameters email or password is missing!";
echo json_encode($response);
}
?>
<?php
require_once 'update_user_info.php';
$db = new update_user_info();
// json response array
$response = array("error" => FALSE);
if (isset($_POST['fullname']) && isset($_POST['matnum']) && isset($_POST['depart']) && isset($_POST['phone']) && isset($_POST['email']) && isset($_POST['passworded'])) {
// receiving the post params
$fullname = $_POST['fullname'];
$matno = $_POST['matnum'];
$email = $_POST['email'];
$dept = $_POST['depart'];
$phone = $_POST['phone'];
$password = $_POST['passworded'];
// check if user is already existed with the same email
if ($db->CheckExistingUser($matno)) {
// user already existed
$response["error"] = TRUE;
$response["error_msg"] = "User already existed with " . $matno;
echo json_encode($response);
} else {
// create a new user
$user = $db->StoreUserInfo($fullname, $matno, $dept, $phone, $email, $password);
if ($user) {
// user stored successfully
$response["error"] = FALSE;
$response["user"]["fullname"] = $user["fullname"];
$response["user"]["matno"] = $user["matno"];
$response["user"]["dept"] = $user["dept"];
$response["user"]["phone"] = $user["phone"];
$response["user"]["email"] = $user["email"];
echo json_encode($response);
} else {
// user failed to store
$response["error"] = TRUE;
$response["error_msg"] = "Unknown error occurred in registration!";
echo json_encode($response);
}
}
} else {
$response["error"] = TRUE;
$response["error_msg"] = "Required parameters (fullname, email or password) is missing!";
echo json_encode($response);
}
?>
我一定是做错了什么。感谢您的帮助。问题已解决。在postman上,我需要选择x-WW-form-urlencoded-under-body选项以使脚本正常工作。谢谢问题已解决。在postman上,我需要选择x-WW-form-urlencoded-under-body选项以使脚本正常工作。谢谢这是一种糟糕的密码散列方式。你应该用ok谢谢。这就是错误的原因吗?不,这只是代码中的一个单独的问题(而且它不是很安全,因为SHA1很弱)。好的,谢谢,我会纠正的。这是一种糟糕的散列密码的方法。你应该用ok谢谢。这就是错误的原因吗?不,这只是代码中的一个单独的问题(而且它不是很安全,因为SHA1很弱)。好的,谢谢,我会纠正的。