Password_Verify不會返回值

Question

即時嘗試爲我的網站做一個登錄系統，我能夠散列密碼並將散列數據插入數據庫，但是檢索它有點不同。

我正在爲上一頁中的給定用戶名（以及上一頁中給定的密碼）在頁面中搜索（哈希密碼）。然後讓我的代碼看看這兩個密碼是否匹配，但是，我沒有得到價值回報。是的，我在迴應，並提出建議？

<?php 
session_start(); 

include 'dbh.php'; 

$Username = $_POST['Username']; 
$Password = $_POST['Password']; 

$sql = "SELECT * FROM account WHERE Username='$Username'"; 
$result = $conn->query($sql); 
while ($row = $result->fetch_assoc()) { 
    $UsernameActualhashedPassword = $row['Password']; 
} 

$input = $Password; 

echo $input; 
echo $UsernameActualhashedPassword; 
echo password_verify($input, $UsernameActualhashedPassword); 

Answer 1

試試這一個，尋找Sanitizing user for secure login

<?php 
session_start(); 

include 'dbh.php'; 

$Username = $_POST['Username']; 
$Password = $_POST['Password']; 
$hashpass = hash_fun($password); // use the same hash function which you have used in the signup 
$sql = "SELECT count(*) FROM account WHERE Username='$Username' and 
password='$hashpass'"; 
$result = $conn->query($sql); 
if($result>0) 
    echo "Login success"; 
else echo "wrong username or password"; 
?>