I am creating a login authentication system using password_hash and password_verify in PHP.
Can't implement well.
Password can be registered in MySQL using password_hash ($user_pass, PASSWORD_DEFAULT).
However, I can't figure out how to use password_verify to create a function that checks whether the passwords match.
If i try login authentication with the following code, the user ID or password is incorrect. It will be displayed.
It ’s a situation where you do n’t even know what ’s wrong.
Thank you for pointing out the improvements.
No error message.
Applicable source codetry {
$user_id = $_POST ['id'];
$user_pass = $_POST ['pass'];
$user_id = htmlspecialchars ($user_id, ENT_QUOTES, 'UTF-8');
$user_pass = htmlspecialchars ($user_pass, ENT_QUOTES, 'UTF-8');
$dsn = 'mysql: dbname = sample;host = localhost;charset = utf8';
$user = 'root';
$password = '';
$dbh = new PDO ($dsn, $user, $password);
$dbh->setAttribute (PDO :: ATTR_ERRMODE, PDO :: ERRMODE_EXCEPTION);
$sql = 'SELECT password FROM sample WHERE id =?';
$data [] = $user_id;
$stmt = $dbh->prepare ($sql);
$rec = $stmt->fetch (PDO :: FETCH_ASSOC);
if (! empty ($rec)&&password_verify ($user_pass, array_shift ($rec))) {
User ID and password match.<br/>;
} else {
print 'The user ID or password is incorrect.<br/>';
exit ();
}
}
catch (Exeption $e) {
exit ();
}
?>
Source codeI actually entered my ID and password and executed it.
The user ID or password is incorrect. It will be out.
-
Answer # 1
-
Answer # 2
Look at the password_verify manual first.
Please understand the return value.
$user_pass = password_verify ($user_pass, $result) $sql = 'SELECT username, password FROM sample WHERE id =? AND password =?'; $stmt = $dbh->prepare ($sql); $data [] = $user_id; $data [] = $user_pass;
I think the above code is for not understanding the contents of the process.
Related articles
- about using jquery variables in php laravel
- about encryption at the time of output in php using form input tyle = "password"
- php - i thought about how login and session work, but i'm worried
- about webphp and apiphp when using vuejs with laravel
- php - about the version when developing using the framework
- php - about passing value to form using tag
- cakephp/crud: about query parameter value retrieval
- php - [laravel] about the return type of the helper function view ()
- php - about bookmark function on the web
- i want to save data in phpmyadmin using insert syntax
- python - about errors when using the camera module of raspberry pie
- php - about laravel 8x components
- php - using preg_match with the same character does not result in a partial match
- php - i can't connect to the db using pdo
- php - about sqlstate [hy093]
- php - please tell me about the availability of variables in the mysql command (update syntax)
- php - about compiling javascript code in laravel development
- php - about the argument of patchentities
- nodejs - about communication using express and socketio
- php - about the speed of data transfer
- php : in mysql for fast date search it is better to use timestamp as int or as date (datetime)
- php: i want to specify a line in the database and display it
- php - i want to insert data from multiple tbls into one tbl
- mysql connection error from php (call stack trace of undefined function mysqli_connect ())
- php: i want to test the connection to mysql error: fatal error: uncaught error: call to undefined function mysql_connect ()
- php: i don't know the cause of the error on the last line unexpected end of file
- please explain the source code of cakephp
- i want to store the text obtained from php/xml in mysql
- php - i want to display two columns of the database
- php - i want to save the file path in mysql
Isn't it because the prepared statement doesn't apply the key id?