用户可以注册到我正在创建的网站,并且插入数据库的密码会被散列
$hashedpassword = password_hash($password, PASSWORD_DEFAULT);
现在,当用户尝试登录时,我不确定如何获取他们输入的密码并将其与数据库中的哈希版本进行比较,我尝试了此操作,但是它不起作用
<?php
session_start();
$username = $_POST['username'];
$password = $_POST['password'];
$pwdcheck = password_verify($password, $row["password"]);
$conn = mysqli_connect("localhost", "root", "", "cadabra");
$query = "SELECT username, password from register where username=? AND password=? LIMIT 1";
$stmt = $conn->prepare($query);
$stmt->bind_param("ss", $username, $pwdcheck);
$stmt->execute();
$stmt->bind_result($username, $pwdcheck);
$stmt->store_result();
if($stmt->fetch()) {
$_SESSION["login_user"] = $username;
header("Location: ../Login.php?LoginSuccessful");
} else {
header("Location: ../Login.php?LOGINFAILED");
}
mysqli_close($conn);