您好,我正在尝试使用Unity实施登录系统,但是我的PHP似乎有问题。
我认为我已将问题缩小到错误地从数据库中检索出的哈希值。我怀疑这是问题所在,因为如果我将正确的哈希值硬编码到一个变量中并使用password_verify()可以正常工作,但是从数据库中检索到的相同哈希值将无法验证。
在此先感谢您的帮助。
这是我的register.php脚本:
<?php
$conn = mysqli_connect("localhost", "root", "root", "MultiplayerExperience");
$username = $_POST["usernamePost"];
$password = $_POST["passwordPost"];
if(mysqli_connect_errno())
{
echo("Connection failed");
exit();
}
$userCheckQuery = "SELECT username FROM players WHERE username = '".$username."';";
$userCheck = mysqli_query($conn, $userCheckQuery);
if(mysqli_num_rows($userCheck) > 0)
{
echo("User already exists");
exit();
}
$hashedPassword = password_hash(trim($password), PASSWORD_BCRYPT);
$userInsertionQuery = "INSERT INTO players (username, hash) VALUES ('".$username."', '".$hashedPassword."' );";
$userInsertion = mysqli_query($conn, $userInsertionQuery) or die("User insertion failed");
echo("RegistrationSuccess");
?>
Here is my login.php script
<?php
$conn = mysqli_connect("localhost", "root", "root", "MultiplayerExperience");
$username = $_POST['usernamePost'];
$password = $_POST['passwordPost'];
if(mysqli_connect_errno())
{
echo("Connection failed");
exit();
}
$nameCheckQuery = "SELECT username FROM players WHERE username = '".$username."';";
$nameCheck = mysqli_query($conn, $nameCheckQuery);
if(mysqli_num_rows($nameCheck) != 1)
{
echo("User not found");
exit();
}
$hashFetchQuery = "SELECT hash FROM players WHERE username = '".$username."';";
$hashFetch = mysqli_query($conn, $hashFetchQuery);
$correctHash = '$2y$10$qeInE4VYnGiHRiivh/5z8OpX65NrWPYA6/UZTH2HIEGPV6gr9rNZ2'; //Correct hash copied from database
$incorrectHash = '$2y$10$qeInP4YYnGiHRiivh/5z8OpX63NrWPYO6/UZTH2HIEGPV6gr9rNZ2'; //Incorrect hash for testing
if(password_verify(trim($password), trim($hashFetch)))
{
echo("LoginSuccess");
exit();
}
echo("Incorrect password");
?>
我已经在Google上搜索了几天,关于此事的每条帖子都无法解决我的问题。