我使用CodeIgniter-bcrypt作为我的登录表单,遇到了一堵墙,我希望有人能给我一些启示。
在我的控制器中,根据指令,我有以下命令将密码存储为散列:
$parent_password = $this->bcrypt->hash_password('parent_password');
在登录表单中,我有以下代码(现在,出于测试目的,我只是使用父登录进行测试,然后再传递给其他用户):
public function login_process(){
if($this->input->post('action_type') == 'login'){
$username = $this->input->post('username');
$normal_password = $this->input->post('password');
$password = md5($normal_password);
$remember_me = $this->input->post('remember_me');
$user_type = $this->input->post('t');
if($user_type == 'admin'){
$user_info_array = $this->admins_m->get_admin_detail("admin_username = " . $this->db->escape($username) . " AND MD5(admin_password) = " . $this->db->escape($password) . "");
}else if($user_type == 'teacher'){
$user_info_array = $this->teachers_m->get_teacher_detail("teacher_email = " . $this->db->escape($username) . " AND teacher_password = " . $this->db->escape($password, $stored_hash) . "");
}else{
$user_info_array = $this->parents_m->get_parents_detail("parent_email = " . $this->db->escape($username) . " AND parent_password = " . $this->bcrypt->check_password($password, $stored_hash) . "");
}
当我尝试登录使用父测试,我得到一个PHP错误的stored_hash不是一个定义的变量。
这里的任何帮助将是非常感激的。提前感谢大家。
您需要通过用户名检索用户,然后检查他们使用数据库中存储的密码登录的密码:
$user = $this->db->where('username', $this->input->post('username')
->get('users')->row();
返回用户:
$valid = $this->bcrypt->verify($this->input->post('password'), $user->password);