我从数据库中获取密码,它存储在带有"(双引号)的$password变量中。我想用''(单引号)更改$password变量值。我该如何更改此设置?当我使用静态值进行测试时,$password = '$2y$10$wFgLkiJbc7MQ0aY6H7bZwehm45CFlvpSBvZmHs9m8euqPmDlP0mIK';正常并且密码有效。我的问题看起来像这个链接。
PHP password_hash和password_verify问题不匹配
如何解决$password?
$password = $result['Password'];
这是我的代码:
$get_email = $_POST['email'];
$get_password = $_POST['password'];
$result = $conn->prepare("select * from user where Email='$get_email'");
$result->execute();
foreach ($result as $result) {
$id = $result['ID'];
$password = $result['Password'];
if (password_verify($get_password, $password)) {
echo 'Password is valid!';
} else {
echo 'Invalid password.';
}
}
当你使用双引号时,它将被用作变量,因为你的字符串中有"$",而当你使用单引号时,它将被用作字符
目前我只能向你提出一个想法。修改一下你的 mysql 查询怎么样?类似的东西
$conn->prepare("select * from user where Email='$get_email'" and `Password` = '$get_password');
如果此查询将返回空结果,则可以显示"密码无效"。不是很好的解决方案,但应该有效。
我的代码也遇到了同样的问题。我从数据库中检索散列密码,然后使用该password_verify()根据输入的密码对其进行验证。为了使代码正常工作,必须使用 trim() 修剪从数据库中检索到的散列密码。示例代码如下:
public function verifylogin() {
//this is an array with user credentials from login form
$usercred = $this->input->post();
//this will check in user model and return password, etc. where name is equal to entered name
$userdb = $this->User_model->check($usercred);
$userdbpass = trim($userdb[0]['pass']); //trim is very critical !!!
//now we check if the text pass is equal to hashed one
if (password_verify($usercred['password'], $userdbpass)) {
$sess_data = array('login' => TRUE, 'username' => $usercred['username'], 'type' => $usercred['type']);
$this->session->set_userdata($sess_data);
redirect(base_url());
} else {
$this->session->set_flashdata('msg', 'Wrong Username or Password!');
//If no session, redirect to login page
redirect(base_url() . 'users/login');
}
}