php - 加密登录密码
问题描述
有人可以看到我的代码有什么问题吗?当我尝试登录时,它无法识别密码。我有非常相似的管理员代码,它正在工作,但这个不是。
function register_client(){
if(isset($_POST['register'])){
$client_name = escape_string($_POST['client_name']);
$client_surname = escape_string($_POST['client_surname']);
$client_email = escape_string($_POST['client_email']);
$client_phone = escape_string($_POST['client_phone']);
$client_password = escape_string($_POST['client_password']);
$country = escape_string($_POST['country']);
$city = escape_string($_POST['city']);
$zip_code = escape_string($_POST['zip_code']);
$client_address = escape_string($_POST['client_address']);
$client_password = password_hash($password, PASSWORD_BCRYPT, array('cost' =>10));
$get_query = query("SELECT client_email FROM client_db");
confirm($get_query);
$tem = 0;
while($row = fetch_array($get_query)){
$check_mail = $row['client_email'];
if($client_email === $check_mail){
$tem++;
}
}
if($tem === 0){
$query = query("INSERT INTO client_db(client_name, client_surname, client_email, client_password, client_phone, country, city, zip_code, client_address) VALUES('{$client_name}', '{$client_surname}', '{$client_email}', '{$client_password}', '{$client_phone}', '{$country}', '{$city}', '{$zip_code}', '{$client_address}') ");
confirm($query);
redirect("client_login.php");
}else{
set_message("incorrect email address");
}
}
}
function login_client(){
if(isset($_POST['submit_client'])){
$user_email = escape_string($_POST['client_email']);
$password = escape_string($_POST['client_password']);
$query = query("SELECT * FROM client_db WHERE client_email = '{$user_email}' ");
confirm($query);
while($row = fetch_array($query)){
$db_password = $row['client_password'];
$client_id = $row['client_id'];
}
if(password_verify($password, $db_password)){
$_SESSION['user_login'] = $client_id;
redirect("index.php?id={$client_id}");
}
else{
set_message("Your username or password are incorect! ");
redirect("client_login.php");
}
}
}
解决方案
也许这一行是错误的,因为这里 $password 是未知的:
$client_password = password_hash($password, PASSWORD_BCRYPT, array('cost' =>10));
应该:
$client_password = password_hash($client_password, PASSWORD_BCRYPT, array('cost' =>10));
推荐阅读
- json - 如何在 scala 中使用 json?
- javascript - primeng 和 angular 的动态下拉选项
- xml - Outlook 2016 未使用自动发现 XML
- python - 无法在表中使用 Beautiful Soup 抓取人员 ID 数据
- powerbi - Power BI 可视化格式窗格文本标题没有 tedt 标题输入框
- php - 通过 PHP-DI(自动装配)工作获得 Slim
- c - 在 C 中的进程之间传输 JPEG 文件
- google-cloud-platform - 如何在单个 bq 命令中删除项目的多个 bigquery 数据集
- vue.js - 如何在 vue.js datepicker 中设置出生日期和死亡日期的日期范围?
- android - 打开 BottomSheetDialogFragment 时禁用中断