我正在做一个学校项目,我们正在尝试为用户启用登录。注册工作正常,进程使用password_hash()哈希密码,这一切都归结为数据库。但是我们无法登录,并且PHP很难调试,不知道我们的代码有什么问题。
<?php
// Connect to database
require "connect.php";
$user = $_POST['loginusername'];
$pass = $_POST['loginpassword'];
$query = "SELECT password FROM user WHERE username = '$user'";
$result = mysqli_query($conn, $query);
if(password_verify($pass, $result)) {
// Redirect to Feed-page
header("Location: feed.php");
} else {
echo "Invalid password";
echo $query;
echo $conn->error;
echo $result;
echo $pass;
die();
}
$conn->close();
?>
我们在这里尝试做什么:
如果验证失败,它应该将内容回显到浏览器中,由于某种原因,它似乎对我们无效......
我们是PHP的全部新手,所以如果有人可以看一看并解决我们现在抨击我们的头几天的问题,我会感激不尽。< / p>
答案 0 :(得分:-1)
在输出结果
之前,您需要使用mysqli_query<?php
// Connect to database
require "connect.php";
$user = $_POST['loginusername'];
$pass = $_POST['loginpassword'];
$query = "SELECT password FROM user WHERE username = '$user'";
$result = mysqli_query($conn, $query);
if(mysqli_num_rows($result) > 0) {
$res= mysqli_fetch_array($result);
if(password_verify($pass, $res['password'])) {
// Redirect to Feed-page
header("Location: feed.php");
} else {
echo "Invalid password";
echo $query;
echo $conn->error;
echo $result;
echo $pass;
die();
}
} else {
echo echo "User not exist";
}
$conn->close();
?>
答案 1 :(得分:-2)
我认为这段代码很有用
您的登录将完成。
<?php
include("config.php");
session_start();
if($_SERVER["REQUEST_METHOD"] == "POST") {
// username and password sent from form
$myusername = mysqli_real_escape_string($db,$_POST['loginusername']);
$mypassword = mysqli_real_escape_string($db,$_POST['loginpassword']);
$sql = "SELECT id FROM admin WHERE username = '$myusername' and password = '$mypassword'";
$result = mysqli_query($db,$sql);
$row = mysqli_fetch_array($result,MYSQLI_ASSOC);
$active = $row['active'];
$count = mysqli_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count == 1) {
session_register("myusername");
$_SESSION['login_user'] = $myusername;
header("location: welcome.php");
}else {
$error = "Your Login Name or Password is invalid";
}
}
?>
在此选择&#39;查询密码&#39;名称用于您的数据库字段。