所以我目前正在学习PHP,我正在使用POST方法创建一个带注册表单的简单PHP页面。在表单提交时,页面哈希密码(使用phpass),验证用户名是否有效(即,它当前不存在于数据库中)并插入,如果这是真的。我的代码是插入新行,但我没有看到存储用户名或哈希值的值。这是PHP:
require("PasswordHash.php");
$unSuccess = false;
$pwSuccess = false;
$registerSuccess = false;
$spamSuccess = false;
$database = "XXXXXXX";
$username = "XXXXXXX";
$password = "XXXXXXX";
$server = "XXXXXXX";
$db = new mysqli($server, $username, $password, $database);
$user = "";
$pass = "";
if (mysqli_connect_errno())
{
printf("Connection failed: %s\n", mysqli_connect_error());
exit();
}
if($_POST["usr"] && !$unSuccess){
$un = $_POST["usr"];
if(strlen($un) < 20){
//Verify Username is valid
if(preg_match("/([A-Za-z0-9])/", $un) == 1){
//Username is valid, check if it already exists in db.
$unCheckQuery = "SELECT USERS.Username FROM USERS WHERE USERS.Username = '$un'";
$result = $db->query($unCheckQuery);
$num = $result->num_rows;
$result->close();
if($num != 0){ $errUsername = "Username already exists."; $unSuccess = false; }
}
else{
//Username is valid and not taken
$user = $un;
$unSuccess = true;
}
}
}
if($_POST["password"] && !$pwSuccess){
//verify and hash pw
$pw = $_POST["password"];
if(str_len($pw) > 72){die("Password must be shorter than 72 characters");}
$hasher = new PasswordHash(8, false);
$hash = $hasher->HashPassword($pw);
if(strlen($hash) >= 20 && preg_match($pattern, $pw) == 1){
$pass = $hash;
echo $pass;
$pwSuccess = true;
}
else{
$pwSuccess = false;
}
}
if($_POST["spam"]){
$s = $_POST["spam"];
if($s != 10){
$spamSuccess = false;
}
else if($s == 10) {$spamSuccess = true;}
}
if($unSuccess = true && $pwSuccess = true && $spamSuccess = true){
$registerQuery = "INSERT INTO USERS(Username, phash) VALUES('$user', '$pass')";
//This line is breaking evrything.
$db->query($registerQuery);
}
我使用的表单是一个简单的HTML表单。由于显而易见的原因,我省略了登录信息任何指向正确方向的人都会非常感激!
答案 0 :(得分:0)
let shared_hash = Arc::new(FakeMutex::new(new_hash()));
for _ in 0..n_cpu {
println!("start thread");
let my_hash = shared_hash.clone();
thread_pool.push(thread::spawn(move || {
let mut my_hash = my_hash.lock();
let mut search_engine = SearchEngine::new();
search_engine.search(&mut myhash);
}));
}
for i in thread_pool {
let _ = i.join();
}
需要
if($unSuccess = true && $pwSuccess = true && $spamSuccess = true)
答案 1 :(得分:0)
原来这个特殊问题是由服务器端的安全问题引起的。此代码在语法上是正确的。