我用这个简单的登录代码编写了这个。当我输入密码的哈希我输入加上我的数据库中的盐,这是假设匹配数据库中的密码,但它没有。请帮忙。这是我的代码
if(isset($_POST['uname'],$_POST['password'])){
$uname = sanitize($_POST['uname']);
$password = sanitize($_POST['password']);
if(user_exists($uname)==false){
$errors[] = 'username invalid!';
}
if(empty($errors)==true && empty($_POST)==false){
$salt = get_salt($uname);
$pass = get_passwd($uname);
if(hashgen($password,$salt) === $pass){
$_SESSION['username'] = $uname;
header('Location:update.php');
}else{
echo 'incorrect username password combination!';
}
}else{
echo '<pre>',print_r($errors),'</pre>';
}
}
//my functions
function user_exists($name){
$count = DB::getInstance()->getcount("SELECT COUNT(id) FROM admin WHERE username='{$name}'");
return ($count !=0) ? true :false;
}
function get_passwd($string){
$query = DB::getInstance()->query("SELECT password FROM admin WHERE name='{$string}'");
foreach($query->results() as $row){
return $row->password;
}
}
function get_salt($string){
$query = DB::getInstance()->query("SELECT salt FROM admin WHERE name='{$string}'");
foreach($query->results() as $row){
return $row->salt;
}
}
function hashgen($string,$salt){
return hash('sha256',$string.$salt);
}
function saltgen($length){
return mcrypt_create_iv($length);
}