Home>
<! DOCTYPE html>
<html>
<head>
<meta charset = "UTF-8">
<title>Test</title>
</head>
<body>
<? php

// password encryption
$hash_pass = password_hash ($_ POST ['password'], PASSWORD_DEFAULT);

/ * try
{* /
// $pro_id = $_ POST ['id'];
$pro_name = $_ POST ['name'];
$pro_password = $_ POST ['password'];
// $pro_created = $_ POST ['created'];
// $pro_modified = $_ POST ['modified'];
// $pro_delflg = $_ POST ['delflg'];
// $pro_user = $_ POST ['user'];

// $pro_id = htmlspecialchars ($pro_id, ENT_QUOTES, 'UTF-8');
$pro_name = htmlspecialchars ($pro_name, ENT_QUOTES, 'UTF-8');
$pro_password = htmlspecialchars ($pro_password, ENT_QUOTES, 'UTF-8');
// $pro_created = htmlspecialchars ($pro_created, ENT_QUOTES, 'UTF-8');
// $pro_modified = htmlspecialchars ($pro_modified, ENT_QUOTES, 'UTF-8');
// $pro_delflg == htmlspecialchars ($pro_delflg, ENT_QUOTES, 'UTF-8');
// $pro_user == htmlspecialchars ($pro_user, ENT_QUOTES, 'UTF-8');






// Database connection information
$dsn = 'mysql: dbname = test;host = localhost;charset = utf8';
$user = 'root';
$password = '';
// Start database connection
$dbh = new PDO ($dsn, $user, $password);
$dbh->setAttribute (PDO :: ATTR_ERRMODE, PDO :: ERRMODE_EXCEPTION);

// sql insert statement
$sql = 'INSERT INTO login_users (name, password) VALUES (?,?)';
$stmt = $dbh->prepare ($sql);
$stmt->bindParam (': id', $_POST ['id']);
$stmt->bindParam (': password', $hash_pass);
// $data [] = $pro_id;
$data [] = $pro_name;
$data [] = $pro_password;
// $data [] = $pro_created;
// $data [] = $pro_modified;
// $data [] = $pro_delflg;
// $data [] = $pro_user;



// return the result to be executed
$stmt->execute ($data);
//
$dbh = null;
// print $pro_id;
// print 'has been added.<br />';
print $pro_name;
Added print '.<br />';
print $pro_password;
Added print '.<br />';
// print $pro_created;
// print 'has been added.<br />';
// print $pro_modified;
// print 'has been added.<br />';
// print $pro_delflg;
// print 'has been added.<br />';
// print $pro_user;
// print 'has been added.<br />';




/ *}
catch (Exception $e)
{
    print'I am sorry for the inconvenience. ';
    exit ();
} * /
?>
<a href = "pro_list.php">Back</a>
</body>
</html>
The user registration function is made with php.
In the above code, the hashed password is not stored in the DB.
Anything that is not hashed goes into the DB.
Where should I fix it?
The following error message is displayed while implementing
Has occurred.
### Error message


Error message

### Corresponding source code

Enter the language name here
Source code
`` `

Tried

Please describe what you tried for the problem here.

Supplemental information (FW/tool version etc.)

Please provide more detailed information here.

php
  • Answer # 1

    $stmt->bindParam (': password&apos ;, $hash_pass);The

    If you store

    name,password, I think the following SQL will be used.

    $sql = 'INSERT INTO login_users (name, password) VALUES (: name,: password)';
    $hash_pass = password_hash ($_ POST ['password'], PASSWORD_DEFAULT);
    $stmt = $dbh->prepare ($sql);
    $stmt->bindParam (': name', $_POST ['name']);
    $stmt->bindParam (': password', $hash_pass);
    $stmt->execute ();

    For the difference between using named parameters and unnamed placeholders, you should take a look at Manual.

    PHP: PDOStatement :: execute-Manual
    http://php.net/manual/en/pdostatement.execute.php

  • Answer # 2

      

    $sql ='INSERT INTO login_users (name, password) VALUES (?,?)&apos ;;
      $stmt = $dbh->prepare ($sql);
      $stmt->bindParam (': id&apos ;, $_POST ['id']);
      $stmt->bindParam (': password&apos ;, $hash_pass);

    Isn't you use bindParam for the named process even though it's written with a question mark placeholder?
    Please send it to either