我已经创建了一个名为SQL的类,在类的内部我有一个名为Login()的函数。我设法通过以下方式使其工作:
if (isset($_POST['username']) && isset($_POST['password'])) {
$con = $this->DbConnect();
$password = $_POST['password'];
$username = strtolower($_POST['username']);
$password_hash = sha1($password);
$sql = "SELECT * FROM users WHERE email='$username' and password='$password_hash' LIMIT 1";
$query = mysqli_query($con, $sql);
$count = mysqli_num_rows($query);
//Login succes
if ($count == 1) {
echo "succes";
}
}
我已经通过以下方式尝试了它并且无法使其工作,你们有任何想法为什么?
更新
$con = $this->DbConnect();
$password = $_POST['password'];
$username = strtolower($_POST['username']);
$password_hash = password_hash($password, PASSWORD_DEFAULT);
$stmt = $this->DbConnect()->prepare("SELECT email,password FROM users WHERE email=? and password=? LIMIT 1");
$stmt->bind_param("ss", $username, $password_hash);
$stmt->execute();
$stmt->store_result();
$stmt->bind_result($username, $password_hash);
$stmt->fetch();
$count = $stmt->num_rows;
var_dump($password_hash);
echo $count;
//Login succes
if (password_verify($password, $password_hash)){
}
if ($count == 1){
// header("location:");
}else{
// header("location:?error=1");
}