if (isset($_POST['username']) and isset($_POST['password'])){
$username = cleanData($_POST['username']);
$password = cleanData($_POST['password']);
$verify = password_verify($password, $hash);
if(password_verify($password, $hash)) {
$query = "SELECT * FROM `user` WHERE (username='$username') AND (password='$password')";
echo $hash;
$result = mysqli_query($connection, $query) or die(mysqli_error($connection));
$count = mysqli_num_rows($result);
if ($count == 1){
$_SESSION["loggedIn"] = true;
$_SESSION['username'] = $username;
}else{
$fmsg = "Invalid Login Credentials.";
}
if (isset($_SESSION['loggedIn']) && ($_SESSION["loggedIn"] == true)){
$username = $_SESSION['username'];
echo "Hi " . $username . "
";
echo "This is the Members Area
";
}else{ ?>
*html*
} else {
echo 'Invalid password.';
}
}
我把代码弄得一团糟,努力理解我做错了什么,并且无法跟踪我在哪里使语法错误导致“文件的最后一行意外结束”。 我正在尝试创建一个会话,如果用户输入的密码与数据库中的哈希值匹配,则将用户发送到“您好 username ”页面。仅当password_verify对照输入的用户名存储的哈希值验证输入的密码时,才如何创建会话?
if (isset($_POST['username']) and isset($_POST['password']))
{
$username = cleanData($_POST['username']);
$password = cleanData($_POST['password']);
$verify = password_verify($password, $hash);
if (password_verify($password, $hash))
{
$query = "SELECT * FROM `user` WHERE (username='$username') AND (password='$password')";
echo $hash;
$result = mysqli_query($connection, $query) or die(mysqli_error($connection));
$count = mysqli_num_rows($result);
if ($count == 1)
{
$_SESSION["loggedIn"] = true;
$_SESSION['username'] = $username;
}
else
{
$fmsg = "Invalid Login Credentials.";
}
if (isset($_SESSION['loggedIn']) && ($_SESSION["loggedIn"] == true))
{
$username = $_SESSION['username'];
echo "Hi " . $username;
echo "This is the Members Area";
}
else
{
?>
<div> html code </div>
<?php
}
}
else
{
echo 'Invalid password.';
}
}