我使用一个教程创建了一个简单的登录名,该教程使用了md5进行加密,而不是使用password_hash代替md5
import java.awt.Color;
import java.awt.Dimension;
import java.awt.Graphics;
import java.awt.Point;
import java.awt.event.MouseAdapter;
import java.awt.event.MouseEvent;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.swing.JFrame;
import javax.swing.JPanel;
import javax.swing.SwingUtilities;
public class CanvasPanel extends JPanel {
List<Point> points = new ArrayList<>();
// Use compositon over inheritance.
// Don't extend JFrame unless you plan to override something.
JFrame frame = new JFrame();
public static void main(String[] args) {
SwingUtilities.invokeLater(() -> new CanvasPanel());
}
public CanvasPanel() {
MyMouseListener ml = new MyMouseListener();
addMouseMotionListener(ml);
addMouseListener(ml);
frame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
setPreferredSize(new Dimension(500, 500));
frame.add(this);
frame.pack();
frame.setLocationRelativeTo(null); // center on screen
frame.setVisible(true);
}
public void paintComponent(Graphics g) {
super.paintComponent(g);
g.setColor(Color.black);
if (points.size() >= 2) {
Iterator<Point> it = points.iterator();
Point p1 = it.next();
while (it.hasNext()) {
Point p2 = it.next();
g.drawLine(p1.x, p1.y, p2.x, p2.y);
p1 = p2;
}
}
}
// MouseAdapter provides dummy implementations
private class MyMouseListener extends MouseAdapter {
public void mouseDragged(MouseEvent me) {
points.add(me.getPoint());
repaint();
}
public void mousePressed(MouseEvent me) {
// initialize first point in list.
points.add(me.getPoint());
}
}
}
它可以工作并将加密的密码存储在我的数据库中,但是当我尝试使用非加密的密码登录时,我得到“输入用户名或密码”,下面使用的代码-只有删除了我的服务器信息:
$password = password_hash("$password_1", PASSWORD_DEFAULT);
要使password_hash正常工作,我需要包含一些东西吗?
答案 0 :(得分:1)
验证用户密码时,需要使用password_verify
功能。我在下面修改了您的登录代码:
if (count($errors) == 0) {
$query = "SELECT * FROM users WHERE username='$username'";
$result = mysqli_query($db, $query);
if (mysqli_num_rows($result) === 1) {
$user = mysqli_fetch_assoc($result);
if (password_verify($password, $user['password'])) {
$_SESSION['username'] = $username;
$_SESSION['success'] = "You are now logged in";
header('Location: testlogin.php');
die();
}
}
array_push($errors, "Wrong username/password combination");
}