嘿伙计们我正在尝试设置一个更改密码功能,用户可以通过知道courrent密码来更改自己的密码。当我比较这些值以匹配他们不能获得的密码时问题就出现了相同的值。我在密码字段中插入用户默认值,这是'admin1234'的加密值。当我使用此密码登录时,一切都是好的。然后我转到更改密码字段...从表单中检索密码...加密它然后比较它......它结果是一个不同的值...我发现 echo - 他们和行为他们是一个不同的价值观......我在这里错过了什么?
更新密码功能:
public function change_password(Request $request, $id)
{
$this->validate($request, array(
'courrent_password'=>'required|max:255',
'new_password'=>'required|max:255'
));
$user = User::find($id);
if($user->password == bcrypt($request->courrent_password))
{
/*$user->password = $request->new_password;
if($user->save())
{
return redirect(route('user_profile',$id))->with('success', sprintf('Password successfully saved.'));}
else if ($validation->fails())
{
return redirect(route('user_profile',$id.'#tab_1-3'));
}*/
}
else
{
echo bcrypt($request->courrent_password).' new password';
echo'<br><br>'.$user->password.' password';
//return redirect(route('user_profile',$id.'#tab_1-3'))->with('error', sprintf("Current password doesn't match"));
}
}
更新密码表格:
{!! Form::open(array('route' => ['change_password',$user-> id],'id' => 'form_sample_2','class'=>'form-horizontal','novalidate' => 'novalidate','role' => 'form')) !!}
{!! csrf_field() !!}
<div class="form-body">
<div class="alert alert-danger display-hide">
<button class="close" data-close="alert"></button> You have some form errors. Please check below. </div>
<div class="alert alert-success display-hide">
<button class="close" data-close="alert"></button> Your form validation is successful! </div>
<div class="form-group">
<label class="control-label col-md-3">Courrent Password
<span class="required" aria-required="true"> * </span>
</label>
<div class="col-md-4">
<input type="password" name="courrent_password" data-required="1" id="courrent_password" class="form-control">
</div>
</div>
<div class="form-group">
<label class="control-label col-md-3">New Password
<span class="required" aria-required="true"> * </span>
</label>
<div class="col-md-4">
<input type="password" name="new_password" data-required="1" id="password" class="form-control">
</div>
</div>
<div class="form-group">
<label class="control-label col-md-3">Retype Password
<span class="required" aria-required="true"> * </span>
</label>
<div class="col-md-4">
<input type="password" name="repassword" data-required="1" id="repassword" class="form-control" onkeyup="checkPass(); return false;">
<span class="help-block" id="checkpass"></span>
</div>
</div>
</div>
<div class="form-actions">
<div class="row">
<div class="col-md-offset-3 col-md-9">
<button type="submit" id="submit" class="btn green">Submit</button>
<button type="button" class="btn grey-salsa btn-outline">Cancel</button>
</div>
</div>
</div>
{!! Form::close() !!}
这是echo-ed
的结果$2y$10$2S/6BBrBdxe9FHzjH33g0elCgjUov4Pq7EBkRwE.n2JkbvCwHXPFC new password
$2y$10$55V3ZfdbDOutDUZKO3q6nezntlQqYqqiyhVhwTPEnWuZmy.8/QxYG password
答案 0 :(得分:0)
使用它:
if(Auth::attempt(['email' =>Auth::user()->email, 'password'=>$request['courrent_password']]))
而不是:
if($user->password == bcrypt($request->courrent_password))
答案 1 :(得分:0)
您不能匹配两个bcrypt值。因此,我们可以使用Hash :: check()方法比较加密的值。 您可以尝试一下。
public function changePassword(changePasswordValidator $request)
{
$password = $request->password;
$person_id = $request->person_id;
$sub = Subadmin::find($person_id);
if(Hash::check($password, $sub->subadmin_password)) {
return response()->json([
'status'=>false,
'message'=>'Similar to Old Password',
]);
}
$sub->subadmin_password = bcrypt($password);
$sub->save();
}