奇怪Password_Hash問題

Question

這樣的IM使用完全相同的腳本，我用了一段時間後，由於某種原因，當我移動到我的新域名和託管它是有很奇怪的問題，我創建了一個用戶，並得到HM嘗試登錄，它不是爲他工作我得到了一個新的哈希從這個PHP隨機test.php的文件：

<?php 
/** 
* In this case, we want to increase the default cost for BCRYPT to 12. 
* Note that we also switched to BCRYPT, which will always be 60 characters. 
*/ 
$options = [ 
    'cost' => 9, 
]; 
echo password_hash("His Pass", PASSWORD_BCRYPT, $options)."\n"; 
?> 

那麼它的工作，他登錄罰款，然後我試圖登錄到我的主管理帳戶和某些原因，即使我現在嘗試重新制作散列2次，它現在也不工作。

我不知道怎麼回事就可以有人請賜教。

繼承人的登錄碼：

//If User Submits Form continue; 
if(isset($_POST['username'])) { 

    //If the captcha wasn't submitted; 
    if(empty($_POST['g-recaptcha-response'])) { 

     //And theres already a try with there IP; 
     if($trycount != '0') { 

      //Increment there try count and give a notification; 
      updateTries(); ?> 
      <script type="text/javascript">localStorage.setItem("notification", "nocaptcha");</script> <?php 

     //If there isn't a try on there IP yet; 
     } else { 

      //Add one try and give a notification; 
      addTry(); ?> 
      <script type="text/javascript">localStorage.setItem("notification", "nocaptcha");</script> <?php 

     } 

    //If the captcha was submitted; 
    } else { 

     //Set captcha variable to the Submitted Captcha Response; 
     $captcha=$_POST['g-recaptcha-response']; 

     //Captcha Verification Url; 
     $url = 'https://www.google.com/recaptcha/api/siteverify?secret=t&response='; 

     //JSON Encode the Captcha's response and Site IP; 
     $response = json_decode(file_get_contents($url.urlencode($captcha).'&remoteip='.$_SERVER['REMOTE_ADDR']), true); 

     //If the captcha wasn't verified; 
     if($response['success'] == false) { 

      //And theres already a try with there IP; 
      if($trycount != '0') { 

       //Increment there try count and give a notification; 
       updateTries(); ?> 
       <script type="text/javascript">localStorage.setItem("notification", "captchafailed");</script> <?php 

      //If there isn't a try on there IP yet; 
      } else { 

       //Add one try and give a notification; 
       addTry(); ?> 
       <script type="text/javascript">localStorage.setItem("notification", "captchafailed");</script> <?php 

      } 

     //Otherwise if it was verified; 
     } else { 

      //Try log in with the given details; 
      user_login($_POST['username'],$_POST['password']); 

      //If logged in redirect and give a notification;   
      if(loggedin()) { ?> 
       <script type="text/javascript">localStorage.setItem("notification", "loggedin");</script> 
       <meta http-equiv="refresh" content="0;URL='https://gameshare.io'" /> <?php 
      } else { 

       //And theres already a try with there IP; 
       if($trycount != '0') { 

        //Increment there try count and give a notification; 
        updateTries(); ?> 
        <script type="text/javascript">localStorage.setItem("notification", "loginfailed");</script> <?php 

       //If there isn't a try on there IP yet; 
       } else { 

        //Add one try and give a notification; 
        addTry(); ?> 
        <script type="text/javascript">localStorage.setItem("notification", "loginfailed");</script> <?php 

       } 

      } 

     } 

    } 

} 

USER_LOGIN功能：

//Create a new function named user_login; 
function user_login($username = false, $password = false) { 

    //Fetch for the username and password applied; 
    $st = fetch("SELECT username,password,email,image FROM users WHERE username = :username",array(":username"=>$username)); 

    //If a row was found continue 
    if($st != 0) { 

     $storedhash = $st[0]['password']; 

     if (password_verify($password, $storedhash)) { 

      //Set a new username session and set it the username; 
      $_SESSION['username'] = $username; 
      $_SESSION['email'] = $st[0]['email']; 
      $_SESSION['image'] = $st[0]['image']; 

      if($username == 'admin') { 
       $_SESSION['role'] = 'admin'; 
      } else { 
       $_SESSION['role'] = 'user'; 
      } 

     } 

    } 

    //If no errors happened Make the $valid true; 
    return true; 

    $dontaddtry = true; 

} 

取功能：

//Create a new function named fetch; 
function fetch($sql = false,$bind = false,$obj = false) { 

    //Prepare The SQL Query; 
    $query = Connect()->prepare($sql); 

    //Execute Binded Query; 
    $query->execute($bind); 

    //While Fetching Results; 
    while($result = $query->fetch(PDO::FETCH_ASSOC)) { 

     //Add a row to the results respectiveley; 
     $row[] = $result; 

    } 

    //If there are no rows; 
    if(!empty($row)) { 

     //Make it an object; 
     $row = ($obj)? (object) $row : $row; 
    } else { 

     //Else row is false; 
     $row = false; 
    } 

    //If no errors happened Make $row true; 
    return $row; 

} 

連接功能：

//Create a new function named LoggedIn, And apply database info; 
function Connect($host = 'localhost',$username = 'x',$password = 'x',$dbname = 'x') { 

    //Try execute the PHP with no errors; 
    try { 

     //Create a PDO Session; 
     $con = new PDO("mysql:host=$host;dbname=$dbname", $username, $password); 

     //Session Attributes; 
     $con->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); 
     $con->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); 

    } 

    //Catch all PDOException errors; 
    catch (PDOException $e) { 

     //If any errors print result; 
     echo "<code><pre>".print_r($e)."</pre></code>"; 

     //Make the PDO session false; 
     $con = false; 
    } 

    //If no errors happened Make the PDO session true; 
    return $con; 
} 

P.S如果你想獲得一個帳戶來嘗試在我的網站上讓我知道和生病臨時帳戶。

Answer 1

確保你的新主機的PHP版本。 password_hash至少需要PHP 5.5.0。

您可以通過下面的代碼檢查你當前的PHP版本。

<?php 
    echo 'Current PHP version: ' . phpversion(); 
?>