严格的标准错误，同时保存注册数据

Question

我正在按照创建注册和登录系统的教程。我尽一切努力，但当我按下提交表单时，仍然出现奇怪的严格标准错误。

<?php 

require 'pdoconnect.php'; 

$message = ''; 

if(!empty($_POST['email']) && !empty($_POST['password'])): 


// Enter the new user in the database 
$sql = "INSERT INTO users (email, password) VALUES (:email, :password)"; 
$stmt = $conn->prepare($sql); 

$stmt->bindParam(':email', $_POST['email']); 
$stmt->bindParam(':password', password_hash($_POST['password'], PASSWORD_BCRYPT)); 

if($stmt->execute()): 
    $message = 'Successfully created new user'; 
else: 
    $message = 'Sorry there must have been an issue creating your account'; 
endif; 

endif; 

?> 

它说

严格的标准：只有变量应该通过线14（与密码哈希线）引用传递。

我已经找遍了解决方案，但我无法找到任何。

Answer 1

散列你将它绑定之前的密码：

// Enter the new user in the database 
$sql = "INSERT INTO users (email, password) VALUES (:email, :password)"; 
$stmt = $conn->prepare($sql); 

$hashedPass = password_hash($_POST['password'], PASSWORD_BCRYPT); 
$stmt->bindParam(':email', $_POST['email']); 
$stmt->bindParam(':password', $hashedPass); 

你不能传递一个函数到绑定参数，你只能传递一个变量。