I created a login page, but when the code want to verify the hashed password with the entered password, it showed me the error message.
<?php
session_start();
$pdo = new PDO(xxxx);
if(isset($_GET['login'])) {
$username = $_POST['username'];
$password = $_POST['password'];
$statement = $pdo->prepare('SELECT * FROM users WHERE username = :username');
$result = $statement->execute(array('username' => $username));
$user = $statement->fetch();
//verify password
if ($user !== false && password_verify($password, $user['passwort'])) {
$_SESSION['userid'] = $user['id'];
die('Login succesfull');
} else {
$errorMessage = "Login error";
}
}
if(isset($errorMessage)) {
echo $errorMessage;
}
?>
Now I edited the code with the help of Drew's manual, but it doesn't work either.
<?php
session_start();
$pdo = new PDO(xxxxx);
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
if(isset($_GET['login'])) {
$username = $_POST['username'];
$passwort = $_POST['password'];
$query = $pdo->prepare("SELECT * FROM users WHERE username=:username");
$query->bindParam(':username', $username);
$query->execute();
unset($_SESSION['username']);
if(($row = $query->fetch()) && (password_verify($passwort,$row['passwort']))){
$_SESSION['username'] = $row['username'];
//header("Location: ../../myaccount/myaccount.php");
echo "hurray, you authenticated.<br/>";
}
else {
//header("Location:../../login/login.php ");
echo "invalid login<br/>";
}
}
?>
答案 0 :(得分:0)
如果您在用户注册后对密码进行了哈希处理并保存在数据库中,那么您还应该撤消该哈希值,以便在登录时验证用户。在撤消哈希值后,将<ComboBox Name="listSelect" ItemsSource="{Binding DataInstance.ItemList}">
<ComboBox.ItemTemplate>
<DataTemplate>
<TextBlock Text="{Binding ItemNumber, Mode=OneWay}" />
</DataTemplate>
</ComboBox.ItemTemplate>
<ComboBox.ItemsPanel>
<ItemsPanelTemplate>
<StackPanel Orientation="Vertical" />
</ItemsPanelTemplate>
</ComboBox.ItemsPanel>
</ComboBox>
与数据库中的等价物进行比较。