密码哈希和Codeigniter

时间:2018-06-08 12:29:31

标签: php mysqli codeigniter-3

我可以在用户注册过程中对密码进行哈希处理,但是在登录期间将用户输入与数据库中的用户输入进行比较并不会产生错误。 这是注册的插页。请告诉我我出错的地方

 public function insert_client($codeDigits)
 {
    $options = ['cost'=>12];
    $response = $this->taken_email($_POST['Email']);
    if($response){
        $returned = false;
    }else{
            $this->FirstName    = $_POST['FirstName']; 
            $this->LastName    = $_POST['LastName'];
            $this->Email     = $_POST['Email'];  
            $this->Role_Id     = 2;  
            $this->Password =  password_hash($_POST['Password'],PASSWORD_BCRYPT,$options);
            $this->PhoneNo    = $_POST['PhoneNo'];
            $this->confirmCode    = $codeDigits;
            $this->db->insert('users', $this);
            $returned = true;
        }            
        return $returned;
    }

这是登录模型,登录查询

 public function login_model2($email,$password)
 {   
   $options = ['cost'=>12];
   $this->db->select('*');
   $this->db->from('users');
   $this->db->where('Email',$email);
   //$this->db->where('Password',$password);
   $this->db->where('Role_Id !=',1);
   $query = $this->db->get();

   if($query->num_rows() > 0)
   {
       $data = $query->row(); 

       // storing the results in the variable $data        
           if(password_verify($password,$data->password))
           {           
              return true;
            }            
            else
            {
                return false;
                }                 
   }

   else
    {
       return false;
       }       
   }

这是登录时的登录控制器功能

 public function post_login2()
{
    $this->form_validation->set_rules('Email', 'Email', 'trim|required|min_length[6]');
    $this->form_validation->set_rules('Password', 'Password', 'trim|required|min_length[6]');

    if($this->form_validation->run() == TRUE ){ 
        if($this->Users_model->login_model2($_POST['Email'],$_POST['Password']))
        {
            //test for redirect

            if ($_SESSION['role'] == 2) {

                redirect("Client/welcome");

            } else if ($_SESSION['role'] == 3) {

                redirect("Pro/welcome");

            }

          // test for redirect
        }else{
            // 
            $this->session->set_flashdata('err', true);
            redirect("Welcome/login");
        }

    }else{

        $this->login();
    }
}

1 个答案:

答案 0 :(得分:1)

只需将$data->password更改为$data->Password

即可

在模型login_model2()中,password_verify应该是这样的:

if(password_verify($password,$data->Password))
{           
   return true;
}            
else
{
   return false;
}