1. 首页
  2. 问答
  3. 检查电子邮件和密码是否正确

检查电子邮件和密码是否正确

2014-09-30 131 views
0

我需要确认电子邮件和密码是否正确,但它可以与我输入的任何密码一起使用。有什么问题?下面是代码:检查电子邮件和密码是否正确

<?php 
if(isset($_POST['submit'])){ 
    $email = mysql_real_escape_string($_POST['email']); 
$pass = $_POST['password']; 
$hash = hash("sha512", $pass); 
$hash1 = hash("whirpool", $hash); 
$hash2 = hash("sha384", $hash1); 
$password = $hash2; 

    $query=mysql_query("SELECT * FROM register WHERE email='$email' AND password='$password'") or die(mysql_error()); 
    $count=mysql_num_rows($query); 
if($count==1){ 

    while ($row=mysql_fetch_array($query)) { 
    $username=$row['username']; 
    $heslo=$row['password']; 
    $_SESSION['valid'] = $username; 
if(isset($_SESSION['valid'])){ 
     $realtime = date("d-m-Y h:i:s"); 
     $session = $_SESSION['valid']; 
     echo "<script> window.location.replace('index.php'); 
</script>"; 
header("Location: index.php"); 
    }else{ 
     echo "Přihlášení neproběhlo správně"; 
    } 
} 
} 
} 
?>

来源

2014-09-30 user2808698

+1

什么与所有的哈希?只要sha512就足够了。 – Daan 2014-09-30 14:26:03

+0

@达安这只是测试。我知道,我只会使用sha512。 – user2808698 2014-09-30 14:27:35

+0

在你的数据库中你是否存储密码的加密值? – 2014-09-30 14:28:03

回答

1

你面临的问题是,你拼写错误“旋涡”它应该是“漩涡”

来源

2014-09-30 14:28:58 Daan

+0

谢谢,但它仍然没有工作 – user2808698 2014-09-30 14:30:23

+0

@ user2808698 :debuggin 101:'echo' - “如果给定的algo参数包含不支持的算法,则散列函数将返回bool(false)并发出警告。” – 2014-09-30 14:30:48

0

我已经改变了代码一点,这似乎是工作。花括号顺序是为你搞乱的,因为else指向不正确的if。

我已经在整个脚本中添加了评论,所以你可以看到我想说的话。

mysql_connect('localhost','user','pass'); 
mysql_select_db('test'); 

# You can use your post methods, I've used these for testing. 
$email = mysql_real_escape_string('email'); 
$pass = $_GET['pw']; 


$hash = hash("sha512", $pass); 
$hash1 = hash("whirlpool", $hash); 
$hash2 = hash("sha384", $hash1); 
$pass = $hash2; 

# Now you can see the PW input 
echo $pass."<br>"; 

# Nonsense 
$password = $pass; 

    # By using $sql you can echo your query to see what results would it yield upon running it. 
    $sql = "SELECT * FROM test WHERE em='$email' AND pw='$password'"; 
    $query=mysql_query($sql) or die(mysql_error()); 
    $count=mysql_num_rows($query); 

    # Echo stuff to see what their results are 
    echo $sql."<br>"; 
    echo $count."<br>"; 


    # Let's see if we all got it right? 
    if($count==1){ 

    while ($row=mysql_fetch_array($query)) { 
    $username=$row['un']; 
    $heslo=$row['pw']; 
    $_SESSION['valid'] = $username; 

if(isset($_SESSION['valid'])){ 
     $realtime = date("d-m-Y h:i:s"); 
     $session = $_SESSION['valid']; 

     # Commented out for testing purposes. I mean the header. 
     echo "all is well"; 
     //header("Location: index.php"); 
} // this closes the if(isset... 
} // this closes the while loop 
# Note that the curly brackets have changed. Now the else points correctly to the other branch if $count is not equal to 1. 
} else { 
     echo "Přihlášení neproběhlo správně"; 
    }

来源

2014-09-30 14:34:18

+0

@ user2808698 - 你可以测试这个请看它是否工作? – 2014-10-01 06:28:19

相关问题

 相关问题