PHP用户登录系统无法正常运行

时间:2013-08-05 16:16:14

标签: php html

出于某种原因,它显示加密的密码,我认为我使用了explode()不正确.. 有人能指出我正确的方向吗?

<?php
    $teamname   = $_POST['teamname'];
    $teamname   = strtolower($teamname);

    $u_username = $_POST['username'];
    $u_username = strtolower($u_username);
    $key = $_POST['password'];

    // encrypt
    $iv = md5(md5($key));
    $output = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($key), $string, MCRYPT_MODE_CBC, $iv);
    $output = base64_encode($output);

    $file = readfile("teams/$teamname/config.txt","r"); // try to figure out why it's not working
    list($username, $password) = explode(":", $file);

    if ($u_username === $username) 
    {
        if ($password === $u_password) 
        {
            echo "Successfull";
        } 
        else 
        {
            echo "Incorrect Password";
        }
    } 
    else 
    {
        echo "Incorrect Username..";
    }
?>

CONFIG.TXT        伊万:bKaeoqHLoPI058d6GJ9IlA4fA / mcoRJ70ZNI3gAczU4 =

1 个答案:

答案 0 :(得分:2)

这是因为您将密码存储为$output,但您引用的是$u_password 

if ($password === $u_password) {
    echo "Successfull";
} else {
    echo "Incorrect Password";
}

应该是

if ($password === $output) {
    echo "Successfull";
} else {
    echo "Incorrect Password";
}

<强>替代地 

$output = base64_encode($output);

应该是

$u_password = base64_encode($output);

<强> TEST 

if ($u_username == $username)
{
    if ($password == $u_password)
    {
        echo "Successfull";
    } else {
        echo "Incorrect Password [" . $u_password . '] != [' . $password . ']';
    }
} else {
    echo "Incorrect Username.. [" . $u_username . '] != [' . $username . ']';
}
相关问题
最新问题