即使我对密码和哈希值本身进行硬编码,Password_verfiy也不起作用。它正在类似的程序中运行,但是该程序没有实用的查询
<?php
include 'db.php';
session_start();
$numrows=null;
$hpass=null;
if ($_SERVER['REQUEST_METHOD']=='POST') {
if (!empty($_POST['user']) && !empty($_POST['pass'])) {
$username = $_POST['user'];
$password = $_POST['pass'];
$query = $connection->prepare('Select password from users where username=?');
$query->bind_param("s", $username);
$query->execute();
$query->bind_result($hpass);
while ($query->fetch()) {
$numrows++;
}
$query->close();
//$query->fetch();
//$numofrows=$query->num_rows;
if ($numrows == 1) {
if (password_verify($password, $hpass)) {
$_SESSION['login_user'] = $username;
header("location:todo.php");
} else {
header("location:1.php");
}
} else {
header("location:2.php");
}
}
else {
header("location:not.php");
}
}
$password = $_GET['pass'];
$hpass = password_hash($password, PASSWORD_DEFAULT);
$query=$connection->prepare("insert into users (username,password) values (?,?)");
$query->bind_param('ss',$name,$hpass);
if ($query->execute()) {
$query->close();
header('location:index.php');
} else {
header('location:not.php');
}