password_verify总是无效的密码，虽然密码是正确的

I don't have idea what is the trouble in my code hash.php(insert bycryp password)

**<?php
$con = new mysqli("localhost", "root", "", "hast") or die(mysqli_error());
if (array_key_exists("f5", $_GET)) {
    $w5 = $_GET['f5'];//pass
}
if (array_key_exists("f6", $_GET)) {
    $w6 = $_GET['f6'];//pass
}
$salt = md5(uniqid(rand()));
$options = [
  'cost' =>11,
  'salt' => $salt
];
$hash_password = password_hash($w6, PASSWORD_BCRYPT, $options)."
";
 $sql = mysqli_query($con, "INSERT INTO `pass`(`nama`, `hash_password`, `salt`) VALUES ('$w5','$hash_password','$salt')")or die(mysqli_error($con));
    if ($sql) {
        echo $hash_password;
    } else {
        echo "gagal";
    }
?>**

hashlog.php

**<?php
$con = new mysqli("localhost", "root", "", "hast") or die(mysqli_error());
if (array_key_exists("f5", $_GET)) {
    $w5 = $_GET['f5'];//user
}
if (array_key_exists("f6", $_GET)) {
    $w6 = $_GET['f6'];//pass
}
$sql = mysqli_query($con, "select hash_password from pass where nama='$w5'")or die(mysqli_error($con));
$row = mysqli_fetch_assoc($sql);
$hash = $row['hash_password'];
$hash = $row['hash_password'];
//$hash ='$2y$11$0be5c43957cd3df608521u4PiYrUUyK/dQRSlc/g5UVdDdKk1WChy';
if (password_verify($w6, $hash)) {
    echo 'Password is valid!';
} else {
    echo 'Invalid password.';
}
?>**

in my case always invalid password although password is correct please help me

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

1条回答默认最新

关注

码龄粉丝数原力等级 --

被采纳

被点赞

采纳率
dro44817 2017-03-22 07:54
关注
The problem is that you specify an invalid salt value. You should not specify the salt yourself, just leave the library generate one for you. If you really want to specify a salt, the use a code like this to do it:

$salt = mcrypt_create_iv(22, MCRYPT_DEV_URANDOM);

Also, I think that your problem is an appended at the hashed password; you must remove it:

$hash_password = password_hash($w6, PASSWORD_BCRYPT, $options)." "; //remove this " "
本回答被题主选为最佳回答 , 对您是否有帮助呢?

解决无用
评论打赏
分享
举报

评论

按下Enter换行，Ctrl+Enter发表内容

报告相同问题？

关注问题

password_verify总是无效的密码，虽然密码是正确的 mysql php
2017-03-22 07:28

回答 1 已采纳 The problem is that you specify an invalid salt value. You should not specify the salt yourself, j
无法使用password_verify验证密码 php
2019-01-10 21:17

回答 2 已采纳 @YashKaranke what is the password column's length? – Funk Forty Niner @FunkFortyNiner It is 5
php password_hash和password_verify失败 php
2017-10-22 11:17

回答 2 已采纳 You can do this via while loop and mysqli_fetch_array(). That must solve your problem.: [UPDATED]
2024年大数据最新在线教育项目用户登录和注册_admin-token和editor-token
2024-05-02 22:35

2401_84184567的博客 5.4 过滤器 5.4.1 配置yml 5.4.2 配置类 5.4.3 过滤器 5.5 token 无效 6.作业：激活 6.1 分析 6.2 完善用户注册 6.3 用户激活 6.3.1 前端实现 6.3.2 后端实现 6.4 完善用户登录后端用户服务 1.1 数据库 CREATE ...
为什么password_verify为正确的密码返回false？ php
2018-03-15 20:55

回答 1 已采纳 Not sure if answering is a good idea .. but ill try To use password_verify you must have a hashse
使用password_verify（）验证MD5密码 php
2015-07-30 10:30

回答 1 已采纳 You can't do that. What you can do is to hash the already MD5-hashed passwords via password_hash(
PHP：password_verify总是返回false php
2017-04-29 12:13

回答 2 已采纳 You need to pass simple text password without hash as first param if ( password_verify($login_pas
大数据入门教程
2020-01-08 16:29

时ˇ移的博客虽然 CentOS的技术门槛更高，但其稳定、安全、高效等特点吸引了一大批经验丰富的IT管理人员加入，从近些年来的使用情况来看，其发展非常迅猛。许多IT企业都在使用CentOS，其中不乏像淘宝、网易等IT巨头。 3.Debian...
使用password_verify登录CodeIgniter php
2019-01-09 19:31

回答 1 已采纳 What you need to do is fetch the record from the DB where only the email matches (assuming it is t
登录时如何检查Password_Verify哈希？ php
2018-01-29 04:36

回答 3 已采纳 Your code is vulnerable to SQL-Injection Please use Prepared Statements instead of inserting your
password_verify和doveadm如何在没有盐的情况下验证密码 php
2018-01-12 18:58

回答 2 已采纳 The hash contains several pieces of information. This article explains the format used by Unix but
大数据各组件安装笔记汇总
2020-12-03 19:06

ZGFAgf的博客 大数据软件安装笔记 shell脚本查看机器进程脚本 #!/bin/bash echo "-----------------cdh01-------------------------" /opt/apps/jdk1.8.0_45/bin/jps echo "" for((i=2;i<=3;i++)){ echo "-----------------...
为什么password_verify返回false？ php
2018-06-18 13:18

回答 1 已采纳 There are a variety of reasons why password_verify could be returning false, it can range from the
【史上最全】Ambari 大数据集群运维与管理操作指南
2022-03-30 19:08

大数据研习社的博客作用 Hadoop 是用在商业主机网络集群上的大规模、分布式的数据存储和处理基础架构。监控和管理如此复杂的分布式系统是不简单的。为了管理这种复杂性， Apache Ambari 从集群节点和服务收集了大量的信息，并把它们...
大数据实战记录
2020-12-14 16:16

Beth_Chan的博客 Verify the network connection [root@hadoop01 ~]# ping hadoop01 PING hadoop01 (172.16.235.134) 56(84) bytes of data. 64 bytes from hadoop01 (172.16.235.134): icmp_seq=1 ttl=64 time=0.041 ms 64 bytes ...
python语音识别_Python语音识别终极指南
2020-07-10 20:15

cumei1658的博客您可以使用pip在终端上安装SpeechRecognition： $ pip install SpeechRecognition $ pip install SpeechRecognition Once installed, you should verify the installation by opening an interpreter session and ...
Ambari 大数据集群管理
2018-05-30 17:13

weixin_30642267的博客最近做了一个大数据项目，研究了下集群的搭建，现在将集群搭建整理的资料与大家分享一下！如有疑问可在评论区回复。 1前置配置 Centos7系统，每台系统都有java运行环境全程使用root用户，避免安装过程中出现权限...
怎么快速制作web原型_如何使用AppGini快速原型制作Web应用程序
2020-09-03 03:23

culi3182的博客 Once you’ve got it installed, start the Apache and MySQL servers and verify they are working by opening http://localhost in your browser. You XAMPP control panel should look something like this: ...
iscsi发起程序chap_iSCSI，iSCSI发起程序，仲裁配置和SQL Server群集安装
2020-07-18 12:09

culuo4781的博客 We can also verify disk path in C drive for the Data file, which we created while disk configuration step. Create the same iSCSI drive for a Log file, follow the same process to configure Log drive. ...
没有解决我的问题, 去提问

悬赏问题

¥15 如何在scanpy上做差异基因和通路富集？
¥20 关于#硬件工程#的问题，请各位专家解答！
¥15 关于#matlab#的问题：期望的系统闭环传递函数为G(s)=wn^2/s^2+2¢wn+wn^2阻尼系数¢=0.707，使系统具有较小的超调量
¥15 FLUENT如何实现在堆积颗粒的上表面加载高斯热源
¥30 截图中的mathematics程序转换成matlab
¥15 动力学代码报错，维度不匹配
¥15 Power query添加列问题
¥50 Kubernetes&Fission&Eleasticsearch
¥15 報錯：Person is not mapped，如何解決？
¥15 c++头文件不能识别CDialog

password_verify总是无效的密码，虽然密码是正确的

1条回答 默认 最新

悬赏问题

1条回答默认最新