我想使用核心 php 使用用户表中保存的凭据登录,我的密码以加密形式保存在数据库用户表中的 MD5 中,我想用电子邮件和密码登录,但是当我在登录密码时加密我的密码时与数据库表密码不匹配, 请帮助我,我如何使用加密的 md5 密码登录。这是我的代码。
index.html
<form action="login_admin.php" method="POST">
<div class="form-group">
<label class="label">Username</label>
<div class="input-group">
<input type="email" class="form-control" placeholder="email" name="email">
<div class="input-group-append">
<span class="input-group-text">
<i class="mdi mdi-check-circle-outline"></i>
</span>
</div>
</div>
</div>
<div class="form-group">
<label class="label">Password</label>
<div class="input-group">
<input type="password" class="form-control" placeholder="*********" name="pwd">
<div class="input-group-append">
<span class="input-group-text">
<i class="mdi mdi-check-circle-outline"></i>
</span>
</div>
</div>
</div>
<div class="form-group">
<input type="submit" name="submit" value="submit" class="btn btn-primary submit-btn btn-block">
</form>
login_admin.php
<?php
include('connection.php');
if(isset($_POST['submit'])){
$email = $_POST['email'];
$password = $_POST['pwd'];
$password = md5($_POST['pwd']);
$_SESSION['email'] = $email;
$_SESSION['password'] = $password;
$admin= $_SESSION['email'];
$query = "SELECT * FROM `user` Where (email = '$email' && role_id = 'admin' )";
$result = mysqli_query($conn, $query);
$row = mysqli_fetch_assoc($result);
if($row > 0){
if($admin == $row['email'] && $password == $row['password']){
echo "test"; die;
}
}
else{
echo "Login Failed";
}
?>
连接.php
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "example_user";
$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
?>
答案 0 :(得分:1)
首先阅读我的评论。
password_hash ( string $password , mixed $algo , array $options = ? ) : string|false
用法:
<?php echo password_hash('Hello world', PASSWORD_BCRYPT ) ?>
值: $password = "密码";; $algo = "密码算法";
欲了解更多信息: https://www.php.net/manual/en/password.constants.php
password_verify ( string $password , string $hash ) : bool
用法:
<?php $text = "I am a php master!"; $hashed = password_hash($text, PASSWORD_BYCRIPT); echo $text . "<br>". $hashed . "<br>";
// password_verify returns a Boolean
if(password_Verify($text, $hashed)) echo "Correct";
?>
值:
密码
The user's password.
哈希
A hash created by password_hash().
欲了解更多信息: https://www.php.net/manual/en/function.password-verify.php