时间戳

首页 > 解决方案 > 如何在 php 中使用 password_hash 加密密码?

php - 如何在 php 中使用 password_hash 加密密码?

问题描述

我想加密密码并将其存储在数据库中,但我不太了解如何使用 password_hash。我找到了一些教程,但它不起作用。

下面是connection.php

<?php
    $conn = new mysqli("localhost","root","","mydata");
    if (!$conn) {
        die('Please Check your connection'/mysqli_error($conn));
    }
?>

下面是login.php

<?php
require_once('connection.php');

    $msg="";
    if (isset($_POST['login'])) {
        $username = $_POST['username'];
        $password = $_POST['password'];
        $password_encrypted = password_hash($password, PASSWORD_DEFAULT);

        $sql = "SELECT * FROM login WHERE UserName=? AND Password=? ";
        $stmt = $conn->prepare($sql);
        $stmt->bind_param("ss",$username,$password_encrypted);
        $stmt->execute();
        $result =  $stmt->get_result();
        $row = $result->fetch_assoc();

        session_regenerate_id();
        $_SESSION['username'] = $row['UserName'];
        session_write_close();

        if($result-> num_rows==1 && $_SESSION['username']=="admin")
            {   header("location:home.php"); }
        else{   $msg = "Username or Password is Incorrect!!!";}
    }

?>

标签: phpmysql

解决方案

Try the below code for verifying password

<?php
require_once('connection.php');

    $msg="";
    if (isset($_POST['login'])) {
        $username = $_POST['username'];
        $password = $_POST['password'];
        $password_encrypted = password_hash($password, PASSWORD_DEFAULT);

        $sql = "SELECT * FROM login WHERE UserName=? ";
        $stmt = $conn->prepare($sql);
        $stmt->bind_param("ss",$username);
        $stmt->execute();
        $result =  $stmt->get_result();
        $row = $result->fetch_assoc();
        if ($result->num_rows > 0) {
            while($row){
                if(password_verify($row['password'], $password_encrypted)) {
                    session_regenerate_id();
                    $_SESSION['username'] = $row['UserName'];
                    session_write_close();
                    if ($_SESSION['username']=="admin") {
                        $msg = "Login successfully!!!";
                        header("location:home.php");
                    }else{
                        $msg = "Login successfully!!!";
                        header("location:user.php");
                    } 
                }else{
                    $msg = "Username or Password is Incorrect!!!";
                }
            }
        }else{
            $msg = "Username or Password is Incorrect!!!";
        }
    }
?>

推荐阅读