我试图创建一个PHP的用户名和密码检查,但不能让它的工作,这里是代码:检查用户名和密码,PHP
<?php
$servername = "iphere";
$user = "userhere";
$pass = "passwordhere";
$dbname = "databasehere";
try {
$username = $_GET['username'];
$password = $_GET['password'];
$conn = new PDO("mysql:host=$servername;dbname=$dbname", $user, $pass);
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$stmt = $conn->prepare("SELECT username FROM users WHERE username = :name AND password = :password");
$stmt->bindParam(':name', $username);
$stmt->bindParam(':password', $password);
$stmt->execute();
$result = $stmt->setFetchMode(PDO::FETCH_ASSOC);
if($username == $result && $password == $result)
{
echo "OK";
}
else
{
echo "not OK";
}
}
catch(PDOException $e) {
echo "Error";
}
$conn = null;
?>
它不给任何错误或任何东西。它只是回声好,那就是它。顺便说一句,我用GET来做我的另一个项目。所以我稍后会改变它。
**危险**:“根本不哈希”是[不适合的哈希算法](http:// php达网络/手动/ EN/faq.passwords.php);你需要[更好地照顾](https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet)你的用户密码。 – Quentin
也许是'print_r($ result)'的时候了? –
从来没有**永远**以明文存储密码 – litelite