如果我这样做会有效:
<?php
$password = 'abc123';
$hash = password_hash($password,PASSWORD_BCRYPT);
if(password_verify('abc123',$hash)){
echo 'Yes';
}
else{
echo 'no';
}
?>
但是当我将此代码实现到我的登录formhandler时,password_verify()方法总是会给我错误的。 我的代码在这里:
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sqlSelect = "SELECT Email, Password FROM UserDetail WHERE Email='$email'";
$result = $conn->query($sqlSelect);
if ($result->num_rows == 1) {
$row = $result->fetch_assoc();
$pass = $row['Password'];
if(password_verify($password,$row['Password'])) {
print "Welcome ".$row['Name'].". You have logged in";
} else {
echo "wrong passw";
echo "$pass";
}
} else {
echo "wrong email";
}
总会说错误的密码。 我测试了添加变量,它们正常工作。这是因为password_hash和password_verify仅在同一个php脚本中使用时才有效吗?