我已经创建了一个登录系统,它使用户能够使用先前定义的电子邮件和密码登录,但是在测试部分中,我注意到密码表示它们不匹配尽管我知道他们是正确的,因为我在测试时写下了测试结果。我似乎明白为什么发生这种情况,我认为这可能是一些与我的密码散列的,但我不知道what.The登录页面检查是从文档的login.php:PHP登录系统密码不匹配
if(empty($errors))
{
$sql = "SELECT accountID, password FROM users WHERE emails=?";
$stmt = $pdo->prepare($sql);
$stmt->execute([$data['email']]);
if(!$row = $stmt->fetch())
{
// email didn't match
$errors['login'] = "Login failed. on email";
}
else
{
// email matched, test password
if(!password_verify($data['password'],$row['password']))
{
// password didn't match
$errors['login'] = "Login failed. on password";
}
else
{
// password matched
$_SESSION['user_id'] = $row['accountID'];
header('location: welcome.php');
die;
}
}
}
插入到数据库散列,从insert.php:
if (isset($_POST['name'])){
$name = $_POST['name'];
}
if (isset($_POST['email'])){
$email = $_POST['email'];
}
if (isset($_POST['password'])){
$pword = $_POST['password'];
}
if (isset($_POST['busName'])){
$busName = $_POST['busName'];
}
if (empty($name)){
echo("Name is a required field");
exit();
}
if (empty($email)){
echo ("email is a required field");
exit();
}
if (empty($pword)){
echo("You must enter a password");
exit();
}
$pword = password_hash($pword, PASSWORD_DEFAULT)."/n";
//insert html form into database
$insertquery= "INSERT INTO `cscw`.`users` (
`accountID` ,
`businessName` ,
`name` ,
`emails` ,
`password`
)
VALUES (
NULL , '$busName', '$name', '$email', '$pword'
);";
和网页我从login.php中所示的“登录失败的密码。”如果您需要查看更多代码,请告诉我。
'$ data'从哪里来? –
在你的password_hash行中放一下'。“/ n”' – Yolo
@FrankM $ data = array_map('trim',$ _ POST); – trezremay