奇怪Password_Hash问题

Question

这样的IM使用完全相同的脚本，我用了一段时间后，由于某种原因，当我移动到我的新域名和托管它是有很奇怪的问题，我创建了一个用户，并得到HM尝试登录，它不是为他工作我得到了一个新的哈希从这个PHP随机test.php的文件：

<?php 
/** 
* In this case, we want to increase the default cost for BCRYPT to 12. 
* Note that we also switched to BCRYPT, which will always be 60 characters. 
*/ 
$options = [ 
    'cost' => 9, 
]; 
echo password_hash("His Pass", PASSWORD_BCRYPT, $options)."\n"; 
?> 

那么它的工作，他登录罚款，然后我试图登录到我的主管理帐户和某些原因，即使我现在尝试重新制作散列2次，它现在也不工作。

我不知道怎么回事就可以有人请赐教。

继承人的登录码：

//If User Submits Form continue; 
if(isset($_POST['username'])) { 

    //If the captcha wasn't submitted; 
    if(empty($_POST['g-recaptcha-response'])) { 

     //And theres already a try with there IP; 
     if($trycount != '0') { 

      //Increment there try count and give a notification; 
      updateTries(); ?> 
      <script type="text/javascript">localStorage.setItem("notification", "nocaptcha");</script> <?php 

     //If there isn't a try on there IP yet; 
     } else { 

      //Add one try and give a notification; 
      addTry(); ?> 
      <script type="text/javascript">localStorage.setItem("notification", "nocaptcha");</script> <?php 

     } 

    //If the captcha was submitted; 
    } else { 

     //Set captcha variable to the Submitted Captcha Response; 
     $captcha=$_POST['g-recaptcha-response']; 

     //Captcha Verification Url; 
     $url = 'https://www.google.com/recaptcha/api/siteverify?secret=t&response='; 

     //JSON Encode the Captcha's response and Site IP; 
     $response = json_decode(file_get_contents($url.urlencode($captcha).'&remoteip='.$_SERVER['REMOTE_ADDR']), true); 

     //If the captcha wasn't verified; 
     if($response['success'] == false) { 

      //And theres already a try with there IP; 
      if($trycount != '0') { 

       //Increment there try count and give a notification; 
       updateTries(); ?> 
       <script type="text/javascript">localStorage.setItem("notification", "captchafailed");</script> <?php 

      //If there isn't a try on there IP yet; 
      } else { 

       //Add one try and give a notification; 
       addTry(); ?> 
       <script type="text/javascript">localStorage.setItem("notification", "captchafailed");</script> <?php 

      } 

     //Otherwise if it was verified; 
     } else { 

      //Try log in with the given details; 
      user_login($_POST['username'],$_POST['password']); 

      //If logged in redirect and give a notification;   
      if(loggedin()) { ?> 
       <script type="text/javascript">localStorage.setItem("notification", "loggedin");</script> 
       <meta http-equiv="refresh" content="0;URL='https://gameshare.io'" /> <?php 
      } else { 

       //And theres already a try with there IP; 
       if($trycount != '0') { 

        //Increment there try count and give a notification; 
        updateTries(); ?> 
        <script type="text/javascript">localStorage.setItem("notification", "loginfailed");</script> <?php 

       //If there isn't a try on there IP yet; 
       } else { 

        //Add one try and give a notification; 
        addTry(); ?> 
        <script type="text/javascript">localStorage.setItem("notification", "loginfailed");</script> <?php 

       } 

      } 

     } 

    } 

} 

USER_LOGIN功能：

//Create a new function named user_login; 
function user_login($username = false, $password = false) { 

    //Fetch for the username and password applied; 
    $st = fetch("SELECT username,password,email,image FROM users WHERE username = :username",array(":username"=>$username)); 

    //If a row was found continue 
    if($st != 0) { 

     $storedhash = $st[0]['password']; 

     if (password_verify($password, $storedhash)) { 

      //Set a new username session and set it the username; 
      $_SESSION['username'] = $username; 
      $_SESSION['email'] = $st[0]['email']; 
      $_SESSION['image'] = $st[0]['image']; 

      if($username == 'admin') { 
       $_SESSION['role'] = 'admin'; 
      } else { 
       $_SESSION['role'] = 'user'; 
      } 

     } 

    } 

    //If no errors happened Make the $valid true; 
    return true; 

    $dontaddtry = true; 

} 

取功能：

//Create a new function named fetch; 
function fetch($sql = false,$bind = false,$obj = false) { 

    //Prepare The SQL Query; 
    $query = Connect()->prepare($sql); 

    //Execute Binded Query; 
    $query->execute($bind); 

    //While Fetching Results; 
    while($result = $query->fetch(PDO::FETCH_ASSOC)) { 

     //Add a row to the results respectiveley; 
     $row[] = $result; 

    } 

    //If there are no rows; 
    if(!empty($row)) { 

     //Make it an object; 
     $row = ($obj)? (object) $row : $row; 
    } else { 

     //Else row is false; 
     $row = false; 
    } 

    //If no errors happened Make $row true; 
    return $row; 

} 

连接功能：

//Create a new function named LoggedIn, And apply database info; 
function Connect($host = 'localhost',$username = 'x',$password = 'x',$dbname = 'x') { 

    //Try execute the PHP with no errors; 
    try { 

     //Create a PDO Session; 
     $con = new PDO("mysql:host=$host;dbname=$dbname", $username, $password); 

     //Session Attributes; 
     $con->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); 
     $con->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); 

    } 

    //Catch all PDOException errors; 
    catch (PDOException $e) { 

     //If any errors print result; 
     echo "<code><pre>".print_r($e)."</pre></code>"; 

     //Make the PDO session false; 
     $con = false; 
    } 

    //If no errors happened Make the PDO session true; 
    return $con; 
} 

P.S如果你想获得一个帐户来尝试在我的网站上让我知道和生病临时帐户。

Answer 1

确保你的新主机的PHP版本。 password_hash至少需要PHP 5.5.0。

您可以通过下面的代码检查你当前的PHP版本。

<?php 
    echo 'Current PHP version: ' . phpversion(); 
?>