所以我创建了一个简单的登录页面,我在不同的项目中使用了这个确切的代码并且效果很好,现在由于某些原因它不起作用。我猜测我错过了一些明显的东西但是1小时后我似乎无法找到它。
PHP版本:7.2.5
登录页面:
<?php require "../db.php";
$username = $password = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$username = mysqli_real_escape_string ( $con, $_POST['username']);
$password = mysqli_real_escape_string ( $con, $_POST['password']);
$hash = $con->query("SELECT password FROM users WHERE username = '$username'")->fetch_object()->password;
print_r($password);?><br><?php
$hash2 = password_hash($password, PASSWORD_DEFAULT);
echo $hash2;?><br><?php
print_r($hash);?><br><?php
var_dump(password_verify($password, $hash));
// if (password_verify($password, $hash)) {
// session_start();
// $_SESSION['username'] = $username;
// header("Location: ../seldep.php");
// die();
// }
// else {
// header("Location: ../index.php?1");
// die();
// }
}
?>
现在有很多测试代码可供测试。
如果我创建一个全新的帐户并尝试登录,则返回false,但我更改它以便用户在登录时输入密码并在同一文件中使用密码并通过password_verify将其返回true。它应该完全相同,但它不起作用。这里有明显的问题吗?
编辑: 以下是尝试使用用户名登录时的输出:5和密码:5(这是在数据库中并且已经注册了。)
$2y$10$wjvfZh5EQPoXDGt89JfyXOA2TMq4MfvAQHNPXte939BcH.9y.3Ecm
$2y$10$L2horMNAcXETSvOPQDCaMOoXtie3VQ4rRWhLhj5OK5.2sqHCnzRWK
$2y$10$uuQshjMaeepm6aY8.4lBne88tFo5oKem54wztm.dLXT
bool(false)
5
使用以下表单进行更新:
<form action="accounts/login.php" method="post">
<div class="z-depth-3 y-depth-3 x-depth-3 grey green-text lighten-4
row" style="display: inline-block; padding: 32px 48px 0px 48px;
border: 1px;
margin-top: 100px; solid #EEE;">
<div class="section"></div>
<div class="section"></div>
<h1 class="grey-text" style="font-size: 20px;"> <?php echo
CLAN_NAME; ?> </h1>
<div class='row'>
<h1 class="grey-text" style="font-size: 20px;"> LOGIN </h1>
<div class='input-field col s12'>
<input class='validate' type="text" name='username' required />
<label for='email'>Username</label>
</div>
</div>
<div class='row'>
<div class='input-field col m12'>
<input class='validate' type='password' name='password' required
/>
<label for='password'>Password</label>
</div>
<label style='float: right;'>
<b style="color: #F5F5F5;">Forgot Password?</b>
</label>
</div>
<br/>
<center>
<div class='row'>
<button style="margin-left:75px;" type='submit'
name='btn_login' class='col s6 btn btn-small white black-text
waves-effect z-depth-1 y-depth-1'>Login</button>
</div>
<div class='row'>
<a href="accounts/register.php" style="margin-left:75px;"
class='col s6 btn btn-small white black-text waves-effect z-
depth-1 y-depth-1'>Request access</a>
</div>
</center>
</div>
</form>
我的不好,你走了:(更新/编辑)
<?php require "../db.php" ?>
<?php session_start(); ?>
<?php
$username = $email = $password = $password2 = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$username = mysqli_real_escape_string ( $con, $_POST['username']);
$email = mysqli_real_escape_string ( $con, $_POST['email']);
$password = mysqli_real_escape_string ( $con, $_POST['password']);
$password2 = mysqli_real_escape_string ( $con, $_POST['password2']);
if ($password == $password2) {
$hash = password_hash($password2, PASSWORD_DEFAULT);
$sql = "INSERT INTO users (username, email, password)
VALUES ('$username', '$email', '$hash')";
if ($con->query($sql) === TRUE) {
header("Location: register.php?rg");
die();
} else {
echo "Error: " . $sql . "<br>" . $con->error;
}
} else {
header("Location: register.php?passwordDontMatch");
}
}
?>
更新了注册表格:
<form action="registerdone.php" method="post">
<div class="z-depth-3 y-depth-3 x-depth-3 grey green-text lighten-4 row" style="display: inline-block; padding: 32px 48px 0px 48px; border: 1px; margin-top: 100px; solid #EEE;">
<div class="section"></div>
<div class="section"></div>
<div class='row'>
<h1 class="grey-text" style="font-size: 20px;"> REQUEST ACCESS </h1>
<!-- Defining the username -->
<div class='input-field col s12'>
<input class='validate' type="text" name='username' id='email' required />
<label for='email'>Username</label>
</div>
<!-- Defining the email -->
<div class='input-field col s12'>
<input class='validate' type="text" name='email' id='email' required />
<label for='email'>Email</label>
</div>
</div>
<div class='row'>
<!-- Defining the password -->
<div class='input-field col m12'>
<input class='validate' type='password' name='password' id='password' required />
<label for='password'>Password</label>
</div>
<!-- Confirming the passwords matching -->
<div class='input-field col m12'>
<input class='validate' type='password' name='password2' id='password' required />
<label for='password'>Confirm password</label>
</div>
</div>
<br/>
<center>
<div class='row'>
<button style="margin-left:75px;" type='submit' name='btn_login' class='col s6 btn btn-small white black-text waves-effect z-depth-1 y-depth-1'>Request access</button>
</div>
<div class='row'>
<a href="../index.php" style="margin-left:75px;" class='col s6 btn btn-small white black-text waves-effect z-depth-1 y-depth-1'>Login page</a>
</div>
</center>
</div>
</form>
使用以下输出进行更新:
$hash = password_hash($password, PASSWORD_DEFAULT);
print_r($hash);?><br><?php
var_dump($hash);?><br><?php
$hash2 = password_hash($password2, PASSWORD_DEFAULT);
print_r($hash2);?><br><?php
var_dump($hash2);?><br><?php
die();
输出如下:
string(60) "$2y$10$VECqLlJwpndtDSv3r/U4z.4JsIZjXoFUuj7ALkzlFQuTeUKVcK/ze"
$2y$10$x8MLKNwcvbhY7AoYxPiFyOaEazE2rfS2nbqVetATATuH1QpnwLa96
string(60) "$2y$10$x8MLKNwcvbhY7AoYxPiFyOaEazE2rfS2nbqVetATATuH1QpnwLa96"
$2y$10$VECqLlJwpndtDSv3r/U4z.4JsIZjXoFUuj7ALkzlFQuTeUKVcK/ze