此授权代码页。 MySQL数据库密码使用" password_hash"。
加密我知道这里有必要规定" password_verify"但我无法理解。
此代码:
session_start();
if(isset($_REQUEST['login_button'])||$_REQUEST['auto']==1){
require '../_database/database.php';
$errmsg_arr = array();
$errflag = false;
$user_username= mysqli_real_escape_string($database,$_REQUEST['user_username']);
$user_password= mysqli_real_escape_string($database,$_REQUEST['user_password']);
if($user_username == '') {
$errmsg_arr[] = 'BOO! WHERE LOGIN?';
$errflag = true;
}
if($user_password == '') {
$errmsg_arr[] = 'BOO! WHERE Password?';
$errflag = true;
}
if($errflag) {
$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
session_write_close();
header("location: authentication-check.php");
exit();
}
$sql="SELECT user_username,user_password FROM user WHERE user_username='$user_username'AND user_password='$user_password'";
$result= mysqli_query($database,$sql) or die(mysqli_errno());
$trws= mysqli_num_rows($result);
if($trws==1){
$rws= mysqli_fetch_array($result);
$_SESSION['user_username']=$rws['user_username'];
$_SESSION['user_password']=$rws['user_password'];
header("location:../home.php?user_username=$user_username&request=login&status=success");
}
else {
$errmsg_arr[] = 'USERNAME OR PASSWORD INCORRECT, RECHECK NOW';
$errflag = true;
if($errflag) {
$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
session_write_close();
header("location: ../components/authentication-check.php");
exit();
}
}
}