由于password_verify的实现,我的登录文件遇到了一些麻烦。没有password_verify()验证,文件工作正常。
在我的登录文件下面:
<?php
include 'config.inc.php';
// Innitialize Variable
$result='';
$username = $_POST['username'];
$userpassword = $_POST['password'];
// Query database for row exist or not
$sql = 'SELECT password FROM user WHERE email = :username';
$stmt = $connection->prepare($sql);
$stmt->bindParam(':username', $username, PDO::PARAM_STR);
$stmt->bindParam(':userpassword', $userpassword, PDO::PARAM_STR);
$stmt->execute();
// $row = mysqli_fetch_array($stmt);
$row = $stmt->fetchAll(PDO::FETCH_ASSOC);
if (password_verify($userpassword, $row['password'])) {
$result="true";
} else {
$result="false";
}
// send result back to android
echo $result;
?>
这里也是我的Register文件(运行良好)供参考:
<?php
include 'config.inc.php';
// Check whether username or password is set from android
if(isset($_POST['user']) && isset($_POST['email']) && isset($_POST['password']))
{
// Innitialize Variable
$result='';
$user = $_POST['user'];
$email = $_POST['email'];
$password = $_POST['password'];
// Encryption of password
$options = [
'cost' => 12,
];
$password = password_hash($password, PASSWORD_BCRYPT, $options);
// Query database for row exist or not
$sql = 'INSERT INTO user VALUES (NULL, :user, :email, :password, 0, 1, 1)';
$stmt = $connection->prepare($sql);
$stmt->bindParam(':user', $user, PDO::PARAM_STR);
$stmt->bindParam(':email', $email, PDO::PARAM_STR);
$stmt->bindParam(':password', $password, PDO::PARAM_STR);
$stmt->execute();
if($stmt->rowCount())
{
$result="true";
}
elseif(!$stmt->rowCount())
{
$result="false";
}
// send result back to android
echo $result;
}
?>
感谢您的支持!
奥利弗
答案 0 :(得分:-1)
1&GT;请检查您的密码字段的数据库是否为哈希格式值插入
2 - ;然后你的登录页面sql查询检查
3&GT;如果密码是插入哈希格式化值,则必须选择密码 php哈希函数选择你的帖子密码