我試圖驗證數據庫中的密碼,但它不起作用。 請看我的代碼,讓我知道什麼是錯的。密碼使用bcrypt驗證數據庫
將用戶名和密碼存儲到數據庫的代碼。
<?php
echo "enter the username \n";
$username = trim(fgets(STDIN));
echo "enter the password\n";
$password = trim(fgets(STDIN));
//connecting to database
$con=mysqli_connect("localhost","sqldata","sqldata","accounts");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$salt = substr(sha1(mt_rand()),0,22);
$hashedPassword= crypt($password , '$2y$10$' . $salt);
echo $hashedPassword;
mysqli_query($con,"INSERT INTO login (username, password)
VALUES ('$username', '$hashedPassword')");
mysqli_close($con)
?>
代碼驗證密碼是如下
<?php
echo "enter the username \n";
$username = trim(fgets(STDIN));
echo "enter the password\n";
$password = trim(fgets(STDIN));
//connecting to database
$db = mysql_connect("localhost","sqldata","sqldata") or die(mysql_error());
//selecting our database
$db_select = mysql_select_db("accounts", $db) or die(mysql_error());
$result= mysql_query("select * from login where username = '$username' ");
if (!$result) exit("$userName wasn't found in the database!");
$row = mysql_fetch_array($result);
$storedPassword = $row['password'];
$salt = substr(sha1(mt_rand()),0,22);
$hashedPassword= crypt($password , '$2y$10$' . $salt);
if (crypt($hashedPassword) == $storedPassword)
{
echo "ok";
}
else
{
echo "error";
}
?>
對不起,你的方法不起作用。我試過,但它給我回聲錯誤$ storedPassword = $ row ['password']; $ salt = substr(sha1(mt_rand()),0,22); $ hashpassword = crypt($ storedPassword,'$ 2y $ 10 $'。$ salt); if($ hashpassword == $ storedPassword) { echo「ok」; } else { echo「error」; } ?> – hadi
有人可以幫忙關注這個問題。預先感謝。 – hadi