2 回答
TA贡献1934条经验 获得超2个赞
经过上述评论的建议后,我得出了这个有效的结论。
<?php
if(isset($_POST['login'])){
$user = mysqli_real_escape_string($conn,$_POST['email']);
$pass = mysqli_real_escape_string($conn,$_POST['password']); //input entered
$query = mysqli_query($conn, "SELECT * FROM users WHERE `email` = '$user'");
$numrows = mysqli_num_rows($query);
if($numrows !=0)
{
while($row = mysqli_fetch_assoc($query))
{
$dbemail=$row['email'];
$dbpassword=$row['password'];
}
if(password_verify($pass, $dbpassword))
{
session_start();
$_SESSION['email'] = $username;
//Redirect Browser
}
}
else
{
echo "<div class='alert alert-danger alert-dismissible'>
<a href='#' class='close' data-dismiss='alert' aria-label='close'>×</a>
<strong>Warning!</strong> Invalid credentials.
</div>";
}
}?>
TA贡献1946条经验 获得超3个赞
不确定,但你尝试过吗
password_verify(mysqli_real_escape_string($_POST['password']), $dbpassword)
我的意思是比较未加密的密码与哈希值。在 Laravel 中
Hash::check()
还需要非哈希密码作为参数。
- 2 回答
- 0 关注
- 134 浏览
添加回答
举报