password_verify()500错误

时间:2016-12-11 04:09:31

标签: php mysqli

由于某些原因我不知道当我尝试使用此登录脚本加载页面时收到500错误。我知道它与IF语句有关,但我不确定是什么

<?php  //Start the Session
session_start();
require('connect.php');
if (isset($_POST) & !empty($_POST)){
  $username = $_POST['username'];
  $password = $_POST['password'];

   $sql = $connection->prepare("SELECT * FROM login WHERE username=username");
   $sql->bindParam('username', $username);
   $sql->execute();
    if(($row = $sql->fetch()) && (password_verify($$password,$row['password']))){

              echo "hurray, you authenticated.<br/>";
          }
          else {
              //header("Location:../../login/login.p
  echo "invalid login<br/>";
}

?>

这是参考的注册脚本

<?php
require_once('connect.php');
if(isset($_POST) && !empty($_POST)){
    $username = mysqli_real_escape_string($connection, $_POST['username']);
    $email = mysqli_real_escape_string($connection, $_POST['email']);
    $password =$_POST['password'];
    $password = password_hash($password,PASSWORD_BCRYPT);


    $sql = $connection->prepare("INSERT INTO `login` (username, email, password) VALUES (?, ?, ?)");
    $sql->bind_param("sss", $username, $email, $password);
    $sql->execute();
    if($sql){
        echo "User Rego Secussefull";
    }else{
        echo "User rego failed";
    }
 }

?>

1 个答案:

答案 0 :(得分:1)

如果username=:username这返回了变量密码的名称,您可以更改为$$password准备法则并查看行。在此处查看更多内容(https://secure.php.net/manual/pt_BR/language.variables.variable.php

您更改为简化您的第一个if:to:

if (isset($_POST['username']) && isset($_POST['password']) {

if (empty($_POST) { // $_POST is global setted by default, but empty/null