我不知道我的代码中有什么问题 hash.php(插入bycryp密码)
**<?php
$con = new mysqli("localhost", "root", "", "hast") or die(mysqli_error());
if (array_key_exists("f5", $_GET)) {
$w5 = $_GET['f5'];//pass
}
if (array_key_exists("f6", $_GET)) {
$w6 = $_GET['f6'];//pass
}
$salt = md5(uniqid(rand()));
$options = [
'cost' =>11,
'salt' => $salt
];
$hash_password = password_hash($w6, PASSWORD_BCRYPT, $options)."\n";
$sql = mysqli_query($con, "INSERT INTO `pass`(`nama`, `hash_password`, `salt`) VALUES ('$w5','$hash_password','$salt')")or die(mysqli_error($con));
if ($sql) {
echo $hash_password;
} else {
echo "gagal";
}
?>**
hashlog.php
**<?php
$con = new mysqli("localhost", "root", "", "hast") or die(mysqli_error());
if (array_key_exists("f5", $_GET)) {
$w5 = $_GET['f5'];//user
}
if (array_key_exists("f6", $_GET)) {
$w6 = $_GET['f6'];//pass
}
$sql = mysqli_query($con, "select hash_password from pass where nama='$w5'")or die(mysqli_error($con));
$row = mysqli_fetch_assoc($sql);
$hash = $row['hash_password'];
$hash = $row['hash_password'];
//$hash ='$2y$11$0be5c43957cd3df608521u4PiYrUUyK/dQRSlc/g5UVdDdKk1WChy';
if (password_verify($w6, $hash)) {
echo 'Password is valid!';
} else {
echo 'Invalid password.';
}
?>**
在我的情况下,尽管密码正确,但密码始终无效 请帮帮我
答案 0 :(得分:0)
问题是您指定了无效的salt值。您不应该自己指定salt,只需让库为您生成一个。如果您真的想要指定salt,请使用这样的代码来执行此操作:
$salt = mcrypt_create_iv(22, MCRYPT_DEV_URANDOM);
另外,我认为您的问题是在散列密码中附加\n;你必须删除它:
$hash_password = password_hash($w6, PASSWORD_BCRYPT, $options)."\n"; //remove this "\n"