即時通訊使用PHP腳本來檢查我在數據庫中的哈希密碼。我有PHP 5.5。php password_verify無法正常工作
$this->db_connection = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME);
// if no connection errors (= working database connection)
if (!$this->db_connection->connect_errno) {
// escape the POST stuff
$user_name = $this->db_connection->real_escape_string($_POST['user_name']);
// database query, getting all the info of the selected user (allows login via email address in the
// username field)
$sql = "SELECT user_name, user_email, user_password_hash
FROM users
WHERE user_name = '" . $user_name . "' OR user_email = '" . $user_name . "';";
$result_of_login_check = $this->db_connection->query($sql);
// if this user exists
if ($result_of_login_check->num_rows == 1) {
// get result row (as an object)
$result_row = $result_of_login_check->fetch_object();
// using PHP 5.5's password_verify() function to check if the provided password fits
// the hash of that user's password
if (password_verify($_POST['user_password'], $result_row->user_password_hash)) {
// write user data into PHP SESSION (a file on your server)
$_SESSION['user_name'] = $result_row->user_name;
$_SESSION['user_email'] = $result_row->user_email;
$_SESSION['user_login_status'] = 1;
我只是在password_verify錯誤。我已經檢查過帖子值和mysql user_password_hash返回。 我不知道爲什麼它的虛假
有什麼幫助嗎?
感謝
你使用'password_hash'來創建密碼嗎? –
是的,$ user_password = $ _POST ['user_password_new']; $ user_password_hash = password_hash($ user_password,PASSWORD_DEFAULT); –