我已經制作了一個註冊腳本md5
,但現在我必須使用它登錄。我嘗試了很多東西,但沒有奏效。如何使用md5登錄PHP
這是我的代碼:
if(isset($_POST['sub'])) {
include_once("Connect.php");
$username = mysqli_real_escape_string($dbcon,$_POST['username']);
$password = mysqli_real_escape_string($dbcon,$_POST['password']);
$password = md5($_POST['password']);//hashing pass
$sql = "SELECT * FROM users WHERE userName = '{$username}' and userPassword = '{$password}'";
$query = mysqli_query($dbcon, $sql) or die(mysqli_error($dbcon));
$count = mysqli_num_rows($query);
if ($count > 1)
{
$row = mysqli_fetch_row($query);
$userId = $row[0]; // takes id from DataBase
$dbUsername = $row[1]; // takes username from DataBase
$dbPassword = $row[2]; // takes userpass from DataBase
$_SESSION['password'] = $dbPassword;
$_SESSION['username'] = $dbUsername;
$_SESSION['id'] = intval($userId);
$_SESSION['login'] = TRUE; // if username and pass are corrects it logs in
header('location: login.php');
die(); // using die() after header()
}
else {
echo "incorrect username or password.";
}
}
感謝所有的意見。
解決方案:
$inlogcrypt = md5($password);
$sql = "SELECT * FROM users WHERE userName = '".$username."' and userPassword = '".$inlogcrypt."'";
**不要**散列密碼與MD5。使用PHP的密碼散列API。如果您還沒有PHP 5.5,那麼在GitHub上存在兼容性腳本。 –
這是什麼意思,你嘗試了很多東西?那沒有用?你有什麼嘗試,什麼沒有工作? –
代碼是正確的,如果在數據庫中的列'userPassword'它保存價值'md5' –