dr5648 2016-04-10 18:31
浏览 18
已采纳

注册和登录时,PHP密码哈希不一样[关闭]

When a user registers and logs in, I use the same password_hash function to hash the plain-text password.

password_hash($password, PASSWORD_DEFAULT)

However the password is not the same.

I can prove this another way by simply registering two users with the same password.

For example "admin" turns into "$2y$10$SyqILazLbo4jJVYvxYfwW.WgHUnSi.cRMETWoMjZXwMNa4H4tYELK"

on one user, and "$2y$10$gXfVz6oH4afxAL.7ytFJseZV3VERxbSYXqN7FYsRzH4IrjJw9uyO6" on another. This means the password_hash will never be the same, so user cann ever log in.

What am I doing wrong?

  • 写回答

2条回答 默认 最新

  • dongtou2016 2016-04-10 18:45
    关注

    You need to use password_verify for verifying if password is correct or not. Something like this 

    <?php

$password = "rasmuslerdorf";

$hash =  password_hash($password, PASSWORD_DEFAULT);

if (password_verify($password, $hash)) {
  echo 'Password is valid!';
} else {
  echo 'Invalid password.';
}

?>

    reference page

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 smptlib使用465端口发送邮件失败
  • ¥200 总是报错,能帮助用python实现程序实现高斯正反算吗?有偿
  • ¥15 对于squad数据集的基于bert模型的微调
  • ¥15 为什么我运行这个网络会出现以下报错?CRNN神经网络
  • ¥20 steam下载游戏占用内存
  • ¥15 CST保存项目时失败
  • ¥15 树莓派5怎么用camera module 3啊
  • ¥20 java在应用程序里获取不到扬声器设备
  • ¥15 echarts动画效果的问题,请帮我添加一个动画。不要机器人回答。
  • ¥15 Attention is all you need 的代码运行