dongzhong1891 2017-05-29 09:40
浏览 38

hash_password不等于哈希密码

I have a sign up form and a login form. I try to save the password during registration with the function hash_password

$password = trim(mysqli_escape_string($conn,$_POST['inputPassword']));

$password_hash = password_hash($password, PASSWORD_DEFAULT);

$query_create_user = "INSERT INTO users (user_username, user_password, user_email) VALUES  ('$username', '$password_hash', '$email')";

$result = mysqli_query($conn, $query_create_user);

For login, I use also the function password hash.

$password = trim(mysqli_escape_string($conn,$_POST['inputPassword']));

$password_hash = password_hash($password, PASSWORD_DEFAULT);

$query_verify_user = "SELECT user_id, user_username, user_password FROM users WHERE user_username = '$username'";

if($row['user_username']==$username && $row['user_password']==$password_hash){
Header('Location: ../index.php?page=login');
}

$row['user_password']==$password_hash are never the same. During the registration, I had one hash tag. After the registration, I cant get the same hash tag as during the registration. What is the problem?

  • 写回答

2条回答 默认 最新

  • doudai3012 2017-05-29 09:43
    关注

    That is the expected behavior of password_hash, to check if the entered password was correct, you should use password_verify as stated in the PHP documentation for password_hash.

    Meaning that your code should be something like this

    $password = $_POST['inputPassword'];

$query_verify_user = "SELECT user_id, user_username, user_password FROM users WHERE user_username = '$username'";

if($row['user_username']==$username && password_verify($password, $row['user_password']){
    header('Location: ../index.php?page=login');
}
    评论

报告相同问题?

悬赏问题

  • ¥15 制裁名单20240508芯片厂商
  • ¥20 易康econgnition精度验证
  • ¥15 msix packaging tool打包问题
  • ¥28 微信小程序开发页面布局没问题,真机调试的时候页面布局就乱了
  • ¥15 python的qt5界面
  • ¥15 无线电能传输系统MATLAB仿真问题
  • ¥50 如何用脚本实现输入法的热键设置
  • ¥20 我想使用一些网络协议或者部分协议也行,主要想实现类似于traceroute的一定步长内的路由拓扑功能
  • ¥30 深度学习,前后端连接
  • ¥15 孟德尔随机化结果不一致