所以我有一个注册页面和一个登录页面,注册页面工作得很好,但登录页面似乎无法工作,我似乎无法弄清楚。
我的数据库似乎是工作,因为我能够呼应出哈希密码在登录的页面,似乎有事情做与 password_verify()
注册页面(工作)
<?php
include("assets/includes/conn.php");
$user = $_POST['username'];
$pass = $_POST['pass'];
$cPass = $_POST['c-pass'];
$email = $_POST['email'];
$options = [
'cost' => 11
];
if($pass == $cPass){
$stmt = $conn->prepare("INSERT INTO users (username, pass, email) VALUES (?, ?, ?)");
$stmt->bind_param("sss", $user, $h_p, $email);
$user = $_POST['username'];
$h_p = password_hash($pass, PASSWORD_DEFAULT, $options)."\n";
$email = $_POST['email'];
$stmt->execute();
echo "Created";
echo $h_p;
$stmt->close();
$conn->close();
}
登录页面(不工作)
<?php
include("assets/includes/conn.php");
$username = $_POST['username'];
$password = $_POST['pass'];
$sql = "SELECT * FROM users WHERE username = '$username'";
$result = $conn->query($sql);
if ($result->num_rows == 1){
$row = $result->fetch_assoc();
$hash = $row['pass'];
if(password_verify($password, $hash)){
echo "Yes";
} else {
echo "No<br/>";
echo "" . $hash . "<br/>";
echo $password;
}
}
我有一些想法,为什么它失败,但你可以看到下面的答案。 –
确保你[显示错误](http://stackoverflow.com/questions/1053424/how-do-i-get-php-errors-to-display),以防万一你的变量没有正确发送脚本等 – Mike
@Mike问题是我不认为这是一个错误,它只是告诉我,密码是不正确的,即使它是,这可能与它被哈希 –