因此,在我的登录表单中,我使用此逻辑进行密码验证:
if($stmt->rowCount() == 1){
if($row = $stmt->fetch()){
$hashed_password = $row['user_password'];
if(password_verify($password, $hashed_password)){
/* Password is correct, so start a new session and save the username to the session */
session_start();
$_SESSION['username'] = $username;
header('location: welcome.php');
} else {
// Display an error message is password is not valid
$password_err = 'The password you entered was not valid.';
}
}
以下是我存储密码的方式:
// Validate Password
if(empty(trim($_POST['password']))){
$password_err = "Please enter a password.";
} elseif(strlen(trim($_POST['password'])) < 6) {
$password_err = "Password must have atleast 6 characters.";
$password = $_POST['password'];
} else {
$password = trim($_POST['password']);
}
和
if(empty($username_err) && empty($password_err) && empty($confirm_password_err) && empty($email_err)){
$user_name = $_POST['name'];
$sql = "INSERT INTO user (username, user_name, user_password, user_email) VALUES (:username, :user_name, :password, :email)";
if($statement = $connect->prepare($sql)){
$param_username = $username;
$param_password = password_hash($password, PASSWORD_DEFAULT);
$param_user_email = $email;
$param_user_name = $_POST['name'];
$statement->bindValue(':username', $param_username);
$statement->bindValue(':password', $param_password);
$statement->bindValue(':user_name', $param_user_name);
$statement->bindValue(':email', $param_user_email);
if($statement->execute()){
header("location: login.php");
} else {
echo "Something went wrong. Please try again later.";
}
}
如果我正在尝试登录。它显示密码不正确错误。逻辑上有什么不对。
以上粘贴的代码不完整。我只是粘贴了密码比较逻辑。
编辑:这不是重复。最后一个是注册表,这个是登录表。