duanbei1598
2015-09-11 08:52
浏览 60
已采纳

我的密码被哈希并保存在数据库中,但它与用户在文本框中提供的密码无法匹配

my password is hashed and saved in database but it is couldn't match it with the password which user is giving in textbox.

   //form submission 
if(isset($_POST['submit_pwd']))
{ //input form username
 $us = isset($_POST['usr']) ? $_POST['usr'] : '';
   // input for user password
 $passw = isset($_POST['passwd']) ? $_POST['passwd'] : ''; 
  //retreiving vlaues from database  
$sql = "SELECT * FROM adminclient"; 
$result = mysqli_query($conn, $sql);
if (mysqli_num_rows($result) > 0) {
while($row = mysqli_fetch_assoc($result)) {

 $username= $row['username'];
 $password = $row['password'];
   //username and password matches from database 
 if ($us == $username && password_verify($passw, $password) ) { 

    session_start();
    $_SESSION['username']=$_POST['usr'];
    header("location: success.php");    
 }

}echo " <script type='text/javascript'>
 alert('Wrong Username and Password combination');</script> ";
                                    }
}

?>

图片转代码服务由CSDN问答提供 功能建议

我的密码经过哈希处理并保存在数据库中,但无法与用户提供的密码相匹配 textbox。

  //表单提交
if(isset($ _ POST ['submit_pwd']))
 {//输入表单用户名
 $ us = isset  ($ _POST ['usr'])?  $ _POST ['usr']:''; 
 //输入用户密码
 $ passw = isset($ _ POST ['passwd'])?  $ _POST ['passwd']:'';  
 //从数据库中检索vlaues 
 $ sql =“SELECT * FROM adminclient”;  
 $ result = mysqli_query($ conn,$ sql); 
if(mysqli_num_rows($ result)&gt; 0){
while($ row = mysqli_fetch_assoc($ result)){
 
 $ username = $ row [  'username']; 
 $ password = $ row ['password']; 
 //用户名和密码匹配数据库
 if($ us == $ username&amp;&amp; password_verify($ passw,$ password)  ){
 
 session_start(); 
 $ _SESSION ['username'] = $ _ POST ['usr']; 
 header(“location:success.php”);  
} 
 
} echo“&lt; script type ='text / javascript'&gt; 
 alert('错误的用户名和密码组合');&lt; / script&gt;”; 
} 
} 
  
?&gt; 
   
 
  • 写回答
  • 关注问题
  • 收藏
  • 邀请回答

1条回答 默认 最新

  • duancuan7057 2015-09-11 09:00
    已采纳

    You are not converting input password to hashed password. Because, in table Hashed Password is saved. So, you need to convert it. If md5 was used.. Then use $passw=md5($passw);to convert. Or, If sha1 was used then use $passw=SHA1($passw).

    //form submission 
    if(isset($_POST['submit_pwd']))
        $us = isset($_POST['usr']) ? $_POST['usr'] : '';
        $passw = isset($_POST['passwd']) ? $_POST['passwd'] : ''; 
    
        $passw=md5($passw); // Change Input Password To md5 Password
    
        //Check Here It Self in SQL Query
        $sql = "SELECT * FROM adminclient WHERE username='$us' AND password='$passw'";
        $result = mysqli_query($conn, $sql);
        if (mysqli_num_rows($result) > 0) 
        {
            while($row = mysqli_fetch_assoc($result))
            {
                    session_start();
                    $_SESSION['username']=$_POST['usr'];
                    header("location: success.php");    
            }
    
        }
        else
        {
         echo " <script type='text/javascript'>
         alert('Wrong Username and Password combination');</script> ";
        }
    }
    ?>
    

    Check this SHA1 Password for more details.

    打赏 评论

相关推荐 更多相似问题