我正在建立一个注册和登录表单,我想散列我的用户密码注册和我的主要问题在这一点是如何编写查询更新密码时用户正在对他的电子邮件进行签名并第一次通过,并且我想将mysqli_insert_id()添加到查询中以跟踪每个用户的唯一标识。mysql查询用散列密码更新数据库
所以我有数据库名为testdb与users
里面。
我的代码是完美的工作,直到你必须查询密码并更新它的时刻。
首先,我散列我的密码
$password = $_POST['password'];
$hashed_password = password_hash($password, PASSWORD_BCRYPT);
$query = "UPDATE `users` SET `password` = '$hashed_password' WHERE id = "
正如你可以看到我有我的查询问题,应该在我的数据库更新密码。
我有这样的代码写入到这一点,所以我需要帮助,继续我的UPDATE查询
if (array_key_exists("submit", $_POST)) {
// connect to our db
$link = mysqli_connect("localhost", "root", "", "secretdi");
// check for connection
if (mysqli_connect_error()) {
die("Database Connection Error");
}
$error = "";
if (!$_POST['email']) {
$error .= "An email address is required<br>";
}
if (!$_POST['password']) {
$error .= "A password is required<br>";
}
if ($error != "") {
$error = "<p>There were error(s) in your form:</p>".$error;
} else {
$query = "SELECT id FROM `users` WHERE `email` = '".mysqli_real_escape_string($link, $_POST['email'])."' LIMIT 1";
$results = mysqli_query($link, $query);
if (mysqli_num_rows($results) > 0) {
$error = "That email address is taken.";
} else {
$query = "INSERT INTO `users` (`email`, `password`) VALUES('".mysqli_real_escape_string($link, $_POST['email'])."','".mysqli_real_escape_string($link, $_POST['password'])."') ";
if (!mysqli_query($link,$query)) {
$error = "<p>Could not sign you up - please try again later</p>";
} else {
$password = $_POST['password'];
$hashed_password = password_hash($password, PASSWORD_BCRYPT);
$query = "UPDATE `users` SET `password` = '$hashed_password' WHERE id = "
echo "Sign up successful";
}
}
}
等待,你想在登录时哈希密码?!为什么不在注册? – Vini
是啊我想散列他们的注册我正要编辑我的问题 – Learno
你散列密码在注册和验证hashpassword输入密码登录。我觉得你很困惑 – Akintunde007