我已经查看了其他问题/答案,并试图修改我的代码多种方式以适应他们的答案,但没有成功。我有一个工作正常的注册表单,并使用password_hash函数成功地将用户添加到数据库。密码字段为VARCHAR(255),并在输入时显示为哈希值。
问题在于登录表单。我整天都尝试过各种各样的方法而没有成功。下面是我当前的login.php脚本。
<?php
session_start(); // Starting Session
$error=''; // Variable To Store Error Message
if (isset($_POST['submit'])) {
//error if both boxes empty
if (empty($_POST['email']) || empty($_POST['password'])) {
$error = "Please fill in both boxes";
}
else
{
// connecting, selecting database
require_once 'dbstuff.php';
include 'opendb.php';
// To protect MySQL injection for Security purpose and define $email and $password
$email = mysqli_real_escape_string($cxn,$_POST['email']);
$password = mysqli_real_escape_string($cxn,$_POST['password']);
//selects user = to email given
$sel_user = "SELECT * from Customer WHERE email='$email'";
$result = $cxn->query($sel_user);
//if matched email in DB verifies password given with hashed password in DB
if($result->num_rows ===1){
$row = $result->fetch_array(MYSQLI_ASSOC);
if (password_verify($password, $row['password'])){
echo "match";
//$_SESSION['login_user']=$email; // Initializing Session
//header("location: index.php"); // Redirecting To Other Page
} else {
$error = "email or Password is invalid";
}
}
mysqli_close($cxn); // Closing Connection
}
}
?>
$ error变量工作正常,但仍然无法查看我在password_verify中出错的地方,继续收到电子邮件或密码无效&#39;错误而不是&#39;匹配&#39;。
我真的很感激我对代码中错过的一些反馈!谢谢:))