基本上。我有一个问题是解密我的密码。这是一个虚拟项目,并在mysql中完成(我知道它现在已经折旧,我正在学习mysqli和PDO目前)。
我可以完美地哈希密码,如下:
$password = password_hash("$password1", PASSWORD_DEFAULT);
$password = substr( $hash, 0, 60 );
我的数据库密码字段设置为CHAR(255)所以我感到难过..目前我的密码运行方式如下:
// Define $username and $password
if (isset($_POST["action"]) && $_POST["action"]=="login")
{
$username =$_POST["username"];
$password =$_POST["password"];
// SQL query to fetch information of registered users and finds user match.
//searches table for a username and password matching post data
$dbQuery = "SELECT * FROM users WHERE username = '$username';";
$dbResult = mysql_query($dbQuery);
$dbRow=mysql_fetch_array($dbResult);
$username = $dbRow["username"];
// checks if user exists from sql
if(mysql_num_rows($dbResult)==0)
{
echo '<script language="javascript">';
echo 'alert("Oops! No user exists under that username!")';
echo '</script>';
}
$hash = $dbRow['password'];
// checks if password matches stored hash
if (password_verify('$password', $hash)) {
echo 'Password is valid!';
} else {
echo 'Password is valid!';
}
}
任何帮助都会非常感激!感谢