所以我的代码是这样的:
$password = '3anTJKAYIh5N0GQssL/5V5dhd1rnAUg8rTrTu8BJnr7XTseFdGY1TYSW/tQV99NYf5zZpwxuuA4ZZPRL+ZVoIE/7Le9OmD03vNqOUym0NFkZTzp4YvUDI+ZFZnTib0';
$hash = '$2y$10$yRVxvcZib5Gfjp3aEfk11.fGMX.2OkRZQw.SI2XM88Qpl2I6KmnwG';
if ( password_verify($password, $hash) ) echo 'true!';
如果我从$ password末尾删除了一些字符,它仍然会显示'true!'...
那怎么可能?!