我有一個登記表,讓用戶輸入密碼,我使用隱窩散列密碼不匹配
在寄存器形式它的工作討論解決這個口令和密碼散列和安全的數據庫,但當它來登錄密碼不匹配,系統不會登錄
任何人都可以幫助我?在register.php
散列密碼
//crypt password
require_once('include/blowfish.php');
$bcrypt = new Bcrypt(4);
$hash = $bcrypt->hash($pass1);
echo $hash;
//************Insert all the members's input to the database**************************//
$query = mysql_query("INSERT INTO members(user_name, first_name, last_name,
governorate, district, village, birth_date, email_address, specialization,
password, registered_date)
VALUES('$username', '$firstname', '$lastname', '$governorate', '$district',
'$village', '$bdate', '$email', '$specialization', '$hash', now())")
or die(mysql_error());
在login.php中
$sql=mysql_query("SELECT user_id, email_address, first_name, user_name
FROM members
WHERE email_address='$email'AND password= '$pass'
LIMIT 1") or die("error in members table");
$login_check = mysql_num_rows($sql);
if($login_check > 0)
{
$row = mysql_fetch_array($sql);
$row_pass = $row['password'];
//***********for hashing password***************************//
require_once('include/blowfish.php');
$bcrypt = new Bcrypt(4);
if($bcrypt->verify($pass, $row_pass))
{
$id = $row['user_id'];
$_SESSION['user_id'] = $id;
$firstname = $row['first_name'];
$_SESSION['first_name']= $firstname;
$email = $row['email_address'];
$_SESSION['email_address']= $email;
$username = $row['user_name'];
$_SESSION['user_name']= $username;
mysql_query("UPDATE members SET last_log_date=now()
WHERE user_id='$id'");
//$message = "correct email and passworddd!!";
header("Location: profile.php");
// exit();
}//close if
}//close if
else
{
$message = "incorrect Email or Password!!";
//exit();
}
不要多次提問相同的問題。 – Gumbo
你已經得到答案,試着理解並應用它們! – deceze
@ deceze問題是,我認爲它是正確的,但它不是,我不知道如何解決,所以我來問問題去了解並理解 – user2398286