因为我的代码是正确的,所以我总是得到回显“ Username / Passwordcorrect”.用户名/密码是否匹配.我的问题是,我在下面的代码中为PHP总是回显“用户名/密码错误”而做错了什么?
require 'privstuff/dbinfo.php';
$password1 = $_POST["password1"];
$username = $_POST["username"];
$mysqli = new mysqli(DB_SERVER, DB_USER, DB_PASSWORD, DB_DATABASE);
if(mysqli_connect_errno()) {
echo "Connection Failed. Please send an email to owner@othertxt.com regarding this problem.";
exit();
}
if ($stmt = $mysqli->prepare("SELECT username, password FROM accounts WHERE username=? and password=?")) {
$db_pw = password_hash($password1, PASSWORD_BCRYPT);
$stmt->bind_param("ss", $username, $db_pw);
$stmt->execute();
if ($stmt->affected_rows > 0) {
echo "Logged in.";
}else{
echo "Username/Password incorrect.";
}
$stmt->close();
}
$stmt->close();
$mysqli->close();
?>
更新我已将if($stmt-> affected_rows> 0)更改为if($stmt-> num_rows).仍然不起作用
更新2我已经意识到问题是我使用password_hash($password1,PASSWORD_BCRYPT);我没有意识到哈希每次都给出不同的字符串.我不了解如何使用password_verify
解决方法:
This function only works with queries which update a table. In order to get the number of rows from a SELECT query, use 07001 instead.
$stmt->store_results();
if ($stmt->num_rows > 0) {
...
}
标签:mysqli,login,php
来源: https://codeday.me/bug/20191028/1955643.html