此登錄代碼有效,但'$ hashedpass'是如何通過散列傳遞「$ 2y $ 10 $ ...」變量的?
再次。 我需要變量函數'$ hashedpass'。 如何從數據庫中給'$ hashedpass'?每個用戶都有可變的傳遞/散列。
<?php
$data['error_message'] = $lang['error_empty_login'];
$loginId = $escapeObj->stringEscape($_POST['login_id']);
$hash = password_hash($_POST['login_password'], PASSWORD_DEFAULT);
$hashedpass='$2y$10$.............';
$crypto_pass = password_verify($hash, $hashedpass);
$userId = getUserId($conn, $loginId);
if ($userId)
{
$query = $conn->query("SELECT id,username,email_verified FROM " . DB_ACCOUNTS . " WHERE id=$userId AND password='$hashedpass' AND type='user' AND active=1");
$data['error_message'] = $lang['error_bad_login'];
if ($query->num_rows == 1)
{
$fetch = $query->fetch_array(MYSQLI_ASSOC);
$continue = true;
if ($config['email_verification'] == 1 && $fetch['email_verified'] == 0)
{
$continue = false;
$data['error_message'] = $lang['error_verify_email'];
}
if ($continue == true)
{
$_SESSION['user_id'] = $fetch['id'];
$_SESSION['user_pass'] = $hashedpass;
if (isset($_POST['keep_logged_in']) && $_POST['keep_logged_in'] == true)
{
setcookie('sk_u_i', $_SESSION['user_id'], time() + (60 * 60 * 24 * 7));
setcookie('sk_u_p', $_SESSION['user_pass'], time() + (60 * 60 * 24 * 7));
}
$data['status'] = 200;
$data['redirect_url'] = smoothLink('index.php?tab1=home');
}
}
else
{
$data['error_message'] = $lang['incorrect_password'];
}
}
else
{
$data['error_message'] = $lang['no_user_found'];
}
header("Content-type: application/json; charset=utf-8");
echo json_encode($data);
$conn->close();
exit();
謝謝。
我不明白你的問題..你需要什麼? –
我需要編輯此代碼。從數據庫中取'$ hashedpass'。我需要工作代碼...謝謝。 – danilabodrov