php - 注册php、mysql密码、数据库
问题描述
我正在尝试制作一个注册表单,将用户名和密码保存到 phpmyadmin 的数据库中。
问题是用户名已保存但密码未保存。我的意思是当我使用密码“12345”注册时,当我进入数据库时,我的密码没有保存为“12345”,而是保存为“96991368fec63c8a1bfc48a70010f84a”或其他一些随机数......在数据库中我输入了 Char(40)为密码。
这是我的代码:
<?php
session_start();
$db=mysqli_connect("localhost","root","","register");
if(isset($_POST['register'])){
session_start();
$username=mysqli_real_escape_string($db,$_POST['username']);
$email=mysqli_real_escape_string($db,$_POST['email']);
$password=mysqli_real_escape_string($db,$_POST['password']);
$password =md5($password);
$sql = "INSERT INTO users(username,email,password)
VALUES('$username', '$email', '$password')";
mysqli_query($db, $sql);
$_SESSION['message'] = " You are now logged in";
$_SESSION['username'] = $username;
header("location: Login.php");
}
?>
这是形式:
form method="post" action="Registration.php">
<table>
<tr>
<td>Username:</td>
<td><input type="text" name="username" class="textInput"></td>
</tr>
<tr>
<td>Email:</td>
<td><input type="email" name="email" class="textInput"></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" name="password" class="textInput"></td>
</tr>
<tr>
<td></td>
<td><input type="submit" name="register"Value="Register"></td>
</tr>
</table>
</form>
解决方案
使用准备好的语句
<?php
$host = 'localhost';
$user = 'root';
$pass = '';
$db = 'register';
try {
$db_conn = new mysqli("$host", "$user", "$pass", "$db");
$db_conn->set_charset("utf8");
} catch (Exception $e) {
echo "Connection failed: " . $e->getMessage();
}
if(isset($_POST['register'])) {
session_start();
$username = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING);
$email = filter_input(INPUT_POST, 'email', FILTER_SANITIZE_STRING);
$password = filter_input(INPUT_POST, 'password', FILTER_SANITIZE_STRING);
$password = password_hash($password, PASSWORD_BCRYPT);
$query = $db_conn->prepare("INSERT INTO users(username,email,password)VALUES(?,?,?)");
$query->bind_param('sss', $username, $email, $password);
$query->execute();
$counts = $query->num_rows;
$query->close();
if ($counts > 0) {
$_SESSION['message'] = " You are now logged in";
$_SESSION['username'] = $username;
header("location: Login.php");
} else {
echo 'registration failed... Something went wrong';
}
}
?>
当用户尝试登录时结束执行此操作
$query = $db_conn->prepare("select password from users where username = ? limit 1");
$query->bind_param('s', $username);
$query->bind_result($dbpassword);
$query->execute();
$query->store_result();
$query->fetch();
$query->close();
if (password_verify($password, $dbpassword)) {
echo "login success";
} else {
echo "wrong password";
}
推荐阅读
- android - 如何删除材质按钮中图标上的色调?
- azure - Azure Functions 在创建新密钥版本或密钥保管库过期时触发
- javascript - ajax请求删除功能的问题
- java - 执行 Maven 安装时构建 Maven 项目时出错
- java - java.io.FileOutputStream.write(int, boolean) 本机方法的源代码
- knex.js - Knex:在不接受绑定参数的原始查询中使值安全
- struct - 存储关联变量
- c# - 查找控件无法找到使用文字控件创建的控件
- linux - 启动 linux 终端的脚本,等待 1 秒,然后在其中启动命令
- sql-server - SQL Server:选择列并对其执行正则表达式