我正在为我系统中的管理员创建一个编辑个人资料页面。
所以当我来到密码部分时,我注意到密码显示为哈希。
我的代码:
$the_user_id = $_SESSION['username'];
$query = "SELECT firstname,lastname,username,email,password,user_avatar FROM users WHERE username = '{$the_user_id}' ";
$select_users_query= mysqli_query($connection,$query);
while($row = mysqli_fetch_assoc($select_users_query)) {
$username= $row['username'];
$password= $row['password'];
$firstname= $row['firstname'];
$lastname= $row['lastname'];
$email= $row['email'];
$image= $row['user_avatar'];
}
}
if(isset($_POST['edit_user'])) {
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$username = $_POST['username'];
$email = $_POST['email'];
$password = $_POST['password'];
//$post_date = date('d-m-y');
$image = $_FILES ['image']['name'];
$image_temp = $_FILES['image']['tmp_name'];
$query = "UPDATE users SET ";
$query .= "firstname = '{$firstname}', ";
$query .= "lastname = '{$lastname}', ";
$query .= "username = '{$username}', ";
$query .= "email = '{$email}', ";
$query .= "password = '{$hashed}' ";
$query .= "WHERE id = '{$the_user_id}' ";
$edit_user_query =mysqli_query($connection,$query);
密码字段:
<div class="form-group">
<div class="col-xs-12">
<div class="form-material">
<input class="form-control" type="password" name="password" value="<?php echo $password; ?>"required>
<label for="material-email">password</label>
</div>
</div>
</div>
所以如何让它显示密码?
答案 0 :(得分:1)
这是一个功能,而不是一个bug。密码是为了无法以纯文本格式检索密码而进行哈希处理。
将纯文本字符串与密码进行比较(如登录时)的唯一方法是使用与您要比较的密码相同的方式对该字符串进行哈希处理。
如果您需要将密码显示为纯文本,那么您将需要重新考虑您的模型和安全性。
