当我尝试更新用户密码时,有人能告诉我为什么我收到错误消息?这是表格:
{!! Form::model($user, ['method' => 'PATCH', 'class' => 'bootstrap-wrapper', 'action' => ['UserController@passwordUpdate', $user->id]]) !!}
<div class="form-group col-md-4">
{!! Form::label('passwordOld', 'Įrašykite dabartinį slaptažodį') !!}
{!! Form::password('passwordOld', ['class' => 'form-control']) !!}
</div>
<div class="form-group col-md-4">
{!! Form::label('password', 'Įrašykite naują slaptažodį') !!}
{!! Form::password('password', ['class' => 'form-control']) !!}
</div>
<div class="form-group col-md-4">
<br>{!! Form::submit('Išsaugoti', ['class' => 'form-control btn btn-success',
'style' => 'height: 45px']) !!}
</div>
{!! Form::close() !!}
这是功能:
public function passwordUpdate(Request $request, $id)
{
$user = User::where('id', $id)->first();
$passwordOld = Hash::make($request->passwordOld);
if(Auth::user()->id == $user->id && $passwordOld == $user->password){
$user->password = Hash::make($request->password);
$user->save();
flash()->success('Slaptažodis sėkmingai pakeistas.');
return redirect()->back();
}
else {
flash()->error('Jūs neturite teisių.');
return redirect()->back();
}
}
导致我else
语句被执行的原因是什么?
答案 0 :(得分:1)
散列旧密码然后比较字符串值不会按预期工作,因为每次都会得到不同的哈希值。
所以代替:
Hash::make($request->passwordOld);
做的:
Hash::check($request->passwordOld, Auth::user()->password);