要插入数据库的PHP代码。代码有时不起作用。大部分时间它确实有效。
<?php
include 'connection.php';
if (isset($_POST['docsignup']))
{
// prepare and bind
$stmt = $link->prepare("INSERT INTO doctor_details(firstname, lastname, license_num, zip_code, city, state, email, password, speciality) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)");
$stmt->bind_param("ssissssss", $docfname, $doclname, $docid, $doczipcode, $city, $state, $docemail, $hash, $speciality);
// set parameters and execute
$docfname = $_POST['docfname'];
$doclname = $_POST['doclname'];
$docemail = $_POST['docemail'];
$docloginpassword = $_POST['docloginpassword'];
$docid = $_POST['docId'];
$speciality = $_POST['speciality'];
$city = $_POST['city'];
$state = $_POST['state'];
$doczipcode = $_POST['doczipcode'];
// A higher "cost" is more secure but consumes more processing power
$cost = 10;
// Create a random salt
$salt = strtr(base64_encode(mcrypt_create_iv(16, MCRYPT_DEV_URANDOM)), '+', '.');
// Prefix information about the hash so PHP knows how to verify it later.
// "$2a$" Means we're using the Blowfish algorithm. The following two digits are the cost parameter.
$salt = sprintf("$2a$%02d$", $cost) . $salt;
// Value:
// $2a$10$eImiTXuWVxfM37uY4JANjQ==
// Hash the password with the salt
$hash = crypt($docloginpassword, $salt);
$stmt->execute();
echo "New records created successfully";
$stmt->close();
$link->close();
}
?>
connection.php
<?php
$link = mysqli_connect("localhost","root","","cl10-doctor");
?>
我注意到当我在密码字段中使用大写字母时代码不起作用。
我做错了吗?
答案 0 :(得分:1)
不要让它区分大小写。让用户输入他/她想要的内容,但在后台将其转换为大写或小写。
密码以不可读的格式存储在数据库中,因此无论是大写还是小写,它都不会产生任何影响。
使用php strtolower()以小写形式转换密码并将其存储在数据库中