为什么php密码验证失败?

时间:2019-11-28 09:58:25

标签: php password-encryption login-script

所以我用user_iduser_mailuser_pwd创建了一个数据库。 user_pwdvarchar(255)。我生成了一个等于password_hash()的哈希密码。我有以下代码用于登录。 (我只想登录,不需要注册)

<?php
session_start ();
define ('SECURE', true);

if(isset($_POST['login-submit'])){
require_once('db.inc.php');

$user_mail = mysqli_real_escape_string($_POST['mailuid']);
$user_pwd = mysqli_real_escape_string($_POST['pwd']);


if(empty($user_mail) || empty($user_pwd)) {
  header("Location: /login.php?error=emptyfields");
  exit();
}
else {
  $sql = "SELECT * FROM Guest WHERE user_mail=?;";
  $stmt = mysqli_stmt_init($connect);
  if (!mysqli_stmt_prepare($stmt, $sql)) {
    header("Location: /login.php?error=sqlerror");
    exit();
  }
  else {
    mysqli_stmt_bind_param($stmt, "s", $user_mail);
    mysqli_stmt_execute($stmt);
    $result = mysqli_stmt_get_result($stmt);
    if ($row = mysqli_fetch_assoc($result)) {
      $pwdCheck = password_verify($user_pwd, $row['user_pwd']);
      if ($pwdCheck == false) {
        header("Location: /login.php?error=wrongPassword"); --> that's where I am send to. 
        exit();
      }
      elseif($pwdCheck == true) {
        $_SESSION['userID'] = $row['user_id'];
        header("Location: /download.php?login=success");
        exit();
      }
      else {
        header("Location: /login.php?error=wrongPassword");
        exit();
      }
    }
    else {
      header("Location: /login.php?error=NoUser");
      exit();
    }
   }
  }
 }
else{
  header("Location: ../login.php?success");
  exit();
}

 ?>

当我输入用户邮件和密码时,它会将我发送到名为login.php/error=wrongPassword的登录页面。而且我不知道为什么。我检查了它是第一页还是第二页error=wrongPassword,它是第一页。因此密码验证失败。有人知道为什么会失败吗?

login.php文件的登录代码:

 <section id="Login">
  <div class="container">
    <div class="row center-xs center-sm center-md center-lg middle xs middle-sm middle-md middle-lg">
      <div class="col-xs-12 col-sm-12 col-md-12 col-lg-12">
        <div class="topper">
          <h1 class="topper">LogIn</h1>
        </div>
        <h3>Geschützter Bereich!</h3>
        <p>um Zugang zu erhalten nutzen Sie bitte das Kontaktformular</p>
        <button class="btn" id="formular" type="button" name="button"><a href="contact.html">Hier geht es zum Formular</a></button>
        <h3>Oder loggen Sie sich ein</h3>
      </div>
    </div>
    <div class="row center-xs center-sm center-md center-lg middle xs middle-sm middle-md middle-lg">
      <div class="col">
        <form action="@Ressources/includes/login.inc.php" method="post">
          <input type="text" name="mailuid" placeholder="Email">
          <input type="password" name="pwd" placeholder="Passwort">
          <button class="btn" type="sumbit" name="login-submit">LogIn</button>
        </form>
      </div>
    </div>
  </div>
</section>

0 个答案:

没有答案
相关问题
最新问题