donglv1831 2018-03-15 20:55
浏览 414
已采纳

为什么password_verify为正确的密码返回false?

I have saved the hashed password in the database and want to compare it with the user input and every time it returns false, like in the image below.

What's going wrong?

enter image description here

  • 写回答

1条回答 默认 最新

  • dongxia2068 2018-03-15 21:09
    关注

    Not sure if answering is a good idea .. but ill try

    To use password_verify you must have a hashsed version of the users password (usully in a db). you compare the plain text version with the hashed version

    https://secure.php.net/manual/en/function.password-verify.php

    to create the original hash which you store you use:

    https://secure.php.net/manual/en/function.password-hash.php

    in your code (which you shouldn't use) you are just comparing 2 strings so

    if($password==$row['password']){
echo "matched";
}

    is all that is required.

    super uber reference: Secure hash and salt for PHP passwords

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?