我想以正确的方式从登录表单中获取密码。到目前为止,我还没有成功。由于他随后将哈希视为数据库中的密码,因此无法获取普通密码。有人可以帮我吗?
这是我的代码:
<?php
session_start();
if (isset($_POST['login'])) {
if (isset($_POST['username']) && isset($_POST['password'])) {
include_once("../include/dbcon.php");
$username = $_POST['username'];
$password = $_POST['password'];
$stmt = $conn->prepare("SELECT * FROM personeelsgegevens WHERE Personeelsnummer = :Personeelsnummer AND Voucher = :Voucher");
$stmt->bindParam(":Personeelsnummer", $username);
$stmt->bindParam(":Voucher", $password);
$stmt->execute();
if ($stmt->rowCount() == 1){
if($r = $stmt->fetch(PDO::FETCH_ASSOC)){
echo "<script>alert('Succesvol ingelogd'); window.location='../php/activiteiten.php'</script>";
$_SESSION["id"] = $r['Personeelsnummer'];
$_SESSION["rol"] = "personeel";
exit();
}
}else {
$stmt = $conn->prepare("SELECT * FROM users WHERE user_name = :user_name AND password = :password");
$stmt->bindParam(":user_name", $username);
$stmt->bindParam(":password", $password);
$stmt->execute();
if ($stmt->rowCount() == 1){
if($r = $stmt->fetch(PDO::FETCH_ASSOC)){
echo "<script>alert('Succesvol ingelogd als admin'); window.location='../php/admin.php'</script>";
$_SESSION["id"] = $r['gebruikersID'];
$_SESSION["rol"] = "admin";
exit();
}
} else {
echo "<script>alert('Niet juist ingelogd check je gebruikersnaam en/of wachtwoord'); window.location='../php/inloggen.php'</script>";
exit();
}
}
}else {
echo "<script>alert('Niet juist ingelogd check je gebruikersnaam en/of wachtwoord'); window.location='../php/inloggen.php'</script>";
exit();
}
}else {
echo "<script>alert('Niet juist ingelogd check je gebruikersnaam en/of wachtwoord'); window.location='../php/inloggen.php'</script>";
exit();
}
?>