无法在核心 php 中使用 MD5 加密密码登录

时间:2021-03-23 06:06:56

标签: php authentication phpmyadmin md5

我想使用核心 php 使用用户表中保存的凭据登录,我的密码以加密形式保存在数据库用户表中的 MD5 中,我想用电子邮件和密码登录,但是当我在登录密码时加密我的密码时与数据库表密码不匹配, 请帮助我,我如何使用加密的 md5 密码登录。这是我的代码。

index.html


     <form action="login_admin.php" method="POST">
                                    <div class="form-group">
                                        <label class="label">Username</label>
                                        <div class="input-group">
                                            <input type="email" class="form-control" placeholder="email" name="email">
                                            <div class="input-group-append">
                                                <span class="input-group-text">
                              <i class="mdi mdi-check-circle-outline"></i>
                            </span>
                                            </div>
                                        </div>
                                    </div>
                                    <div class="form-group">
                                        <label class="label">Password</label>
                                        <div class="input-group">
                                            <input type="password" class="form-control" placeholder="*********" name="pwd">
                                            <div class="input-group-append">
                                                <span class="input-group-text">
                              <i class="mdi mdi-check-circle-outline"></i>
                            </span>
                                            </div>
                                        </div>
                                    </div>
                                    <div class="form-group">
                                        <input type="submit" name="submit" value="submit" class="btn btn-primary submit-btn btn-block">
                                   
                                </form>

login_admin.php

<?php

    include('connection.php');
    
    if(isset($_POST['submit'])){
    
        $email = $_POST['email'];
        $password = $_POST['pwd'];
        $password = md5($_POST['pwd']);
        $_SESSION['email'] = $email;
        $_SESSION['password'] = $password;
        $admin= $_SESSION['email'];
    
        $query = "SELECT * FROM `user` Where (email = '$email' && role_id = 'admin' )";
        $result = mysqli_query($conn, $query);  
        $row = mysqli_fetch_assoc($result);
        if($row > 0){
                if($admin == $row['email'] && $password == $row['password']){
                    echo "test"; die;
                }
        }
    
    else{
        echo "Login Failed";
    }
    
    ?>

连接.php


    <?php
    $servername = "localhost";
    $username = "root";
    $password = "";
    $dbname = "example_user";
    $conn = new mysqli($servername, $username, $password, $dbname);
        if ($conn->connect_error) {
            die("Connection failed: " . $conn->connect_error);
        }   
    ?>

1 个答案:

答案 0 :(得分:1)

如何解散密码?

<块引用>

首先阅读我的评论。

散列

 password_hash ( string $password , mixed $algo , array $options = ? ) : string|false

用法:

<?php echo password_hash('Hello world', PASSWORD_BCRYPT ) ?>

值: $password = "密码";; $algo = "密码算法";

欲了解更多信息: https://www.php.net/manual/en/password.constants.php

将密码与散列版本进行比较##

  password_verify ( string $password , string $hash ) : bool

用法:

<?php $text = "I am a php master!"; $hashed = password_hash($text, PASSWORD_BYCRIPT); echo $text . "<br>". $hashed . "<br>";
   // password_verify returns a Boolean
   if(password_Verify($text, $hashed)) echo "Correct";   
  ?>

值:

密码

The user's password.

哈希

A hash created by password_hash().

欲了解更多信息: https://www.php.net/manual/en/function.password-verify.php

相关问题
最新问题