我在注册过程中创建了password_hash,当我再次登录并在password_verify的帮助下键入电子邮件和密码时,它输出的密码不匹配。为了检查我的查询是否正常,我在此链接http://www.passwordtool.hu/php5-password-hash-generator
中使用在线工具生成了密码哈希这已成功允许用户登录,但是password_hash自动生成的哈希始终失败,这意味着我的查询还可以。有没有一种解决方法可以使password_hash正常工作?
任何帮助都会有用。 预先感谢,
我尝试使用看起来像$ 2y $ 10 $ 3xrOcCz5fewSd90zS7dgseINs1WpD132MtrWjFmG3qSQcNDXpcgbe的静态password_hash,即Password @ 123
Ajax处理注册
$(function() {
$(".log").click(function() {
var email = $("#email").val();
var password = $("#password").val();
var confirm_password = $("#confirm_password").val();
var dataString = 'email='+ email + '&confirm=' + confirm;
if(email=='' ||password=='' || confirm_password=='' || (password !=confirm_password))
{
swal("Sorry !", "Couldn't create your account !", "error");
}
else
{
$.ajax({
type: "POST",
url: "join.php",
data: dataString,
success: function(){
//$('.success').fadeIn(200).show();
//$('.error').fadeOut(200).hide();
swal("Thanks !","Your account is created !"+" "+"Redirecting you to login","success");
setTimeout(function () {
window.location.href = "login.php"; //will redirect to your blog page (an ex: blog.html)
}, 2000);
}
});
}
return false;
});
});
</script>
注册过程
require_once('dbconn.php');
if($_POST)
{
$email = $_POST['email'];
$cpassword = $_POST['confirm_password'];
$hashed = password_hash($cpassword, PASSWORD_DEFAULT);
$sql = "INSERT INTO user_login (user_email, user_password) VALUES (?,?)";
$stmt = mysqli_prepare($conn, $sql);
mysqli_stmt_bind_param($stmt, "ss", $email, $hashed);
$result = mysqli_stmt_execute($stmt);
if ($result) {
echo "Successfully Inserted !";
//echo '<script type="text/javascript">';
//echo 'setTimeout(function () { swal("Thanks!","Your account is created !","success");';
//echo '}, 1000);</script>';
}
else{
echo "Error occurred! ".mysqli_stmt_errno($stmt)." ".mysqli_stmt_error($stmt)." ";
$error = mysqli_stmt_error($stmt);
}
}
mysqli_close($conn);
?>
登录
if(isset($_POST['btn_lg'])) {
$email = $_POST['email'];
$password = $_POST['password'];
$sql = "SELECT `user_email`, `user_password` FROM `user_login` WHERE `user_email` = ?";
$stmt = mysqli_prepare($conn, $sql);
mysqli_stmt_bind_param($stmt,"s", $email);
$result = mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
mysqli_stmt_bind_result($stmt, $email, $pass);
mysqli_stmt_fetch($stmt);
if(mysqli_stmt_num_rows($stmt) === 1)
{
//$row = mysqli_stmt_fetch($stmt);
$hash = $pass;
//echo $hash;
if(password_verify($password, $hash))
{
$_SESSION['Logged'] = true;
$_SESSION['email'] = $email;
?>
<script type="text/javascript">
window.location.href="test.php";
</script>
<?php
}
else
{
echo "The username or password do not match" ;
}
}
else
{
echo "Login Failed ! " .mysqli_stmt_errno($stmt)." ".mysqli_stmt_error($stmt)." ";
}
}
?>
我希望登录结果为true,但输出为false