我现在正在学习如何使用PHP创建登录名/注册,到目前为止进展顺利。我遇到了一个问题,试图将密码输入与存储的值进行比较。
使用password_hash对数据库中的存储值进行哈希处理,在进行比较时,我使用准备好的语句来选择存储值,并使用password_verify。我研究了其他各种问题,并尝试重复了他们所做的事情,但似乎没有任何用处。
任何人都可以提供帮助吗?
$2y$10$DEU9mpArXX6lLVuaFm4jj..Djki1kllwhSKdB7WSkqtDjgGkQMUhC
登录文件
require "databaseConnect.php";
if (isset($_POST["user-username"]) && isset($_POST["user-password"])) {
$input_username = $_POST["user-username"];
$input_password = $_POST["user-password"];
//check if user exists
$username_query = $dbConn->prepare("SELECT * FROM user_info WHERE username=?");
$username_query->bind_param("s", $input_username);
$username_query->execute();
$username_query->store_result();
$verifypw = $dbConn->prepare("SELECT password FROM user_info WHERE username=?");
$verifypw->bind_param("s", $input_username);
$verifypw->execute();
$verifypw->bind_result($checkPw);
$verifypw->fetch();
$verifypw->close();
$passwordsMatch = password_verify($input_password, $checkPw);
if ($username_query->num_rows == 0) {
//user doesnt exist
echo "0";
$username_query->close();
} else {
if ($passwordsMatch) {
echo "passwords match";
} else {
echo "passwords don't match";
}
}
}
?>
<?php
session_start();
require "databaseConnect.php";
if (isset($_POST["user-username"]) && isset($_POST["user-email"]) && isset($_POST["user-password"])) {
$input_email = $_POST["user-email"];
$input_username = $_POST["user-username"];
$input_password = $_POST["user-password"];
$input_password = password_hash($password, PASSWORD_DEFAULT);
//check if user exists in database
$username_query = $dbConn->prepare("SELECT * FROM user_info WHERE username=?");
$username_query->bind_param("s", $input_username);
$username_query->execute();
$username_query->store_result();
$email_query = $dbConn->prepare("SELECT * FROM user_info WHERE email=?");
$email_query->bind_param("s", $input_email);
$email_query->execute();
$email_query->store_result();
if ($username_query->num_rows > 0 || $email_query->num_rows > 0) {
//cant create user, already exists
$username_query->close();
$email_query->close();
echo "0";
} else {
//create user
$username_query->close();
$user_create = $dbConn->prepare("INSERT INTO user_info (username, email, password)
VALUES(?, ?, ?)");
$user_create->bind_param("sss", $input_username, $input_email, $input_password);
$user_create->execute();
$user_create->close();
echo "1";
}
}
?>