比较数据库中的哈希密码和$ _POST ['密码']

时间:2016-02-06 21:37:04

标签: php

我使用phppass 0.3库来获取哈希会员的密码。注册工作正常:

require_once("PasswordHash.php");
$t_hasher = new PasswordHash(8, FALSE);
$password_in_hash = $t_hasher->HashPassword($password);
$now = time();
$sql = "INSERT INTO users (username, email, password, ip, register_date, last_activity) VALUES (?, ?, ?, ?, ?, ?)";
$result = $pdo->prepare($sql);
$count = $result->execute(array($login, $email, $password_in_hash, $ip, $now, $now));

但我的授权有问题。当我对密码进行哈希时,我得到一个新密码,而不是来自DB的旧密码。问题是什么?

require_once("PasswordHash.php");
$sql = "SELECT * FROM users WHERE username =?";
$sth = $pdo->prepare($sql);
$sth->execute(array($login));
$rows = $sth->fetch(PDO::FETCH_ASSOC);
print_r($rows);
$t_hasher = new PasswordHash(8, FALSE);
$check_password = $t_hasher->CheckPassword($password, $rows['password']);

0 个答案:

没有答案