所以我按照教程说明了如何登录,
但我在我的phpmyadmin中输入了用户名和密码,但每当我尝试登录时都说:用户名或密码未找到这是代码;
<!--Begin webshop WOOOH-->
<?php
session_start();
//DB configuration Constants
include("class.php");
//PDO Database Connection
try {
$databaseConnection = new PDO('mysql:host='._HOST_NAME_.';dbname='._DATABASE_NAME_, _USER_NAME_, _DB_PASSWORD);
$databaseConnection->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch(PDOException $e) {
echo 'ERROR: ' . $e->getMessage();
}
if(isset($_POST['submit'])){
$errMsg = '';
//username and password sent from Form
$username = trim($_POST['username']);
$password = trim($_POST['password']);
if($username == '')
$errMsg .= 'You must enter your Username<br>';
if($password == '')
$errMsg .= 'You must enter your Password<br>';
if($errMsg == ''){
$records = $databaseConnection->prepare('SELECT id,username,password FROM tbl_users WHERE username = :username');
$records->bindParam(':username', $username);
$records->execute();
$results = $records->fetch(PDO::FETCH_ASSOC);
if(count($results) > 0 && password_verify($password, $results['password'])){
$_SESSION['username'] = $results['username'];
header('location:dashboard.php');
exit;
}else{
$errMsg .= 'Username and Password are not found<br>';
}
}
}
?>
<html>
<head>
<link rel="stylesheet" type="text/css" href="css/style.css">
<link rel="stylesheet" type="text/css" href="css/reset.css">
<title>Webshop 2016</title>
</head>
<body>
<div id="wrapper">
<div id="header">
<ul>
<li><a href="#">Info</a></li>
<li><a href="#">Login</a></li>
<li><a href="#">Webshop</a></li>
<li><a href="#">Home</a></li>
</ul>
</div>
<!--Main content!-->
<div id="content">
<div align="center">
<div style="width:300px; border: solid 1px #006D9C; " align="left">
<?php
if(isset($errMsg)){
echo '<div style="color:#FF0000;text-align:center;font-size:12px;">'.$errMsg.'</div>';
}
?>
<div style="background-color:#006D9C; color:#FFFFFF; padding:3px;"><b>Login</b></div>
<div style="margin:30px">
<form action="" method="post">
<label>Username :</label><input type="text" name="username" class="box"/><br /><br />
<label>Password :</label><input type="password" name="password" class="box" /><br/><br />
<input type="submit" name='submit' value="Submit" class='submit'/><br />
</form>
</div>
</div>
</div>
</div>
<div id="footer">
Footer
</div>
</div>
</body>
</html>
这是class.php(连接文件)
<?php
define('_HOST_NAME_', 'localhost');
define('_USER_NAME_', 'root');
define('_DB_PASSWORD', '####');
define('_DATABASE_NAME_', 'ws_webshop');
//PDO Database Connection
try {
$databaseConnection = new PDO('mysql:host='._HOST_NAME_.';dbname='._DATABASE_NAME_, _USER_NAME_, _DB_PASSWORD);
$databaseConnection->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch(PDOException $e) {
echo 'ERROR: ' . $e->getMessage();
}
?>
有没有人看到这个问题?
用户和传递是演示/演示,但他说没有找到用户名或密码......
答案 0 :(得分:3)
来自docs:
如果密码和哈希匹配则返回TRUE,否则返回FALSE。
如果您没有使用password_hash()
在数据库中插入密码,请使用password_verify()
在此处进行检查:
if(count($results) > 0 && password_verify($password, $results['password'])){
将始终失败,因为该函数需要使用普通密码与密码的哈希值进行比较。有关PHP密码函数的更多信息,请阅读this post.
此外,您可能会发现自己想要限制密码和you really shouldn't do that。