I am creating a login authentication system using password_hash and password_verify in PHP.
Can't implement well.
Password can be registered in MySQL using password_hash ($user_pass, PASSWORD_DEFAULT).
However, I can't figure out how to use password_verify to create a function that checks whether the passwords match.
If i try login authentication with the following code, the user ID or password is incorrect. It will be displayed.
It ’s a situation where you do n’t even know what ’s wrong.
Thank you for pointing out the improvements.
No error message.
Applicable source codetry {
$user_id = $_POST ['id'];
$user_pass = $_POST ['pass'];
$user_id = htmlspecialchars ($user_id, ENT_QUOTES, 'UTF-8');
$user_pass = htmlspecialchars ($user_pass, ENT_QUOTES, 'UTF-8');
$dsn = 'mysql: dbname = sample;host = localhost;charset = utf8';
$user = 'root';
$password = '';
$dbh = new PDO ($dsn, $user, $password);
$dbh->setAttribute (PDO :: ATTR_ERRMODE, PDO :: ERRMODE_EXCEPTION);
$sql = 'SELECT password FROM sample WHERE id =?';
$data [] = $user_id;
$stmt = $dbh->prepare ($sql);
$rec = $stmt->fetch (PDO :: FETCH_ASSOC);
if (! empty ($rec)&&password_verify ($user_pass, array_shift ($rec))) {
User ID and password match.<br/>;
} else {
print 'The user ID or password is incorrect.<br/>';
exit ();
}
}
catch (Exeption $e) {
exit ();
}
?>
Source codeI actually entered my ID and password and executed it.
The user ID or password is incorrect. It will be out.
-
Answer # 1
-
Answer # 2
Look at the password_verify manual first.
Please understand the return value.
$user_pass = password_verify ($user_pass, $result) $sql = 'SELECT username, password FROM sample WHERE id =? AND password =?'; $stmt = $dbh->prepare ($sql); $data [] = $user_id; $data [] = $user_pass;
I think the above code is for not understanding the contents of the process.
Related articles
- php - about passing value to form using tag
- about using jquery variables in php laravel
- php - i thought about how login and session work, but i'm worried
- about encryption at the time of output in php using form input tyle = "password"
- php - about the version when developing using the framework
- about php functions
- about linux system calls
- about php iframe output
- php - [wp] category display using get_the_terms
- (html/php) about the meaning of
- php - i want to fix the display being enlarged when using a smartphone
- php - about display of data registered in db
- php - [laravel] questions about eloquent optimization
- php - about laravel: problems with unit testing (database testing)
- php - about "update" when adding products in the shop to the cart while creating an ec site
- google apps script - about the system that sends multiple fixed phrase emails with gas
- php - i want to save a file on another server using the move_uploaded_file function
- about php search function
- java - creating a seat reservation system using an array
- php - i want to call my name using my membership information, but
- php - database i want to be able to select any sort
- php - i don't know how to connect with mysql
- i want to edit the posted content of the bulletin board using php + mysql based on the edit number sent from the input form
- php - [beginner] i want to use variables for table names in sql syntax
- [php] i want to execute the file of server b from server a and get the result
- php - about "update" when adding products in the shop to the cart while creating an ec site
- php - symfony4 fails to create and execute a migration file
- cannot migrate in php-laravel mysql environment
- php - i want to retrieve database information, but i can't
- php - mysql insert instruction error
Isn't it because the prepared statement doesn't apply the key id?