我目前正在填写注册表,除密码部分外,其他一切似乎都正常。当用户注册时,密码应该被散列,但是我仍然在phpmyadmin中看到一个正常的字符串。当用户输入密码时,我想输入密码,密码应该在数据库中散列。
这是我的代码:
public function reg_user($gender, $username, $email, $password, $firstname, $lastname, $birthday, $city) {
$sql = "SELECT * FROM users WHERE username='$username' OR email='$email'";
password_hash($password, PASSWORD_DEFAULT);
password_verify($password,$row['password']);
$check = $this->db->query($sql);
$count_row = $check->num_rows;
if ($count_row == 0) {
$sql1 = "INSERT INTO users (gender, username, email, password, firstname, lastname, birthday, city) VALUES ('$gender', '$username', '$email', '$password', '$firstname', '$lastname', '$birthday', '$city')";
$result = mysqli_prepare($this->db,$sql1) or die(mysqli_connect_errno() . " - ERREUR: Les données ne peuvent pas être insérés");
$password = md5($password, PASSWORD_DEFAULT);
$result->execute();
} else {
return false;
}
}
include_once 'class.user.php';
$user = new User();
password_verify($password,$row['password']);
password_hash($password, PASSWORD_DEFAULT);
$password = password_hash($password, PASSWORD_DEFAULT);
if (isset($_POST['submit'])) {
extract($_POST);
$register = $user->reg_user($_POST['gender'], $_POST['username'], $_POST['email'], $_POST['password'], $_POST['firstname'], $_POST['lastname'], $_POST['birthday'], $_POST['city']);
if ($register) {
echo "<span class=\"waters\">Inscription confirmée</span>";
password_verify($password,$row['password']);
password_hash($password, PASSWORD_DEFAULT);
} else {
echo "<span class=\"waters\">Inscription confirmée</span>";
password_verify($password,$row['password']);
password_hash($password, PASSWORD_DEFAULT);
}
}
感谢阅读。
答案 0 :(得分:0)
更改行顺序:首先生成SQL查询,然后为给定密码调用哈希方法。
此外,请记住,System.defaultJSExtensions = true;
System.config({
baseURL: "/sitedomain/Scripts"
});
// loads /app.js
System.import("app");
不再是安全的哈希函数