2

我正在尝试为一个学校项目开发一个登录系统,但我遇到了这个错误,我不知道如何修复它。

在我的数据库上,我将密码spy123存储在 sha256 哈希中,但是当我尝试在 php 中获取它时,我什么也得不到。

当前代码:

// checks if the user/password combination works.
// $username | String - the username of the user to login
// $password | 32byteHash - the hashed password of the user
// return | Boolean - Returns true if the password works for that user.
function forumLib_checkLogin($username, $password){
    $goodLogin = false; //Assume the password is wrong.

    $obtainUserPassword_query = "SELECT password FROM forum_users WHERE username = '$username'";

    $dbc = forumLib_connectToDB();
    $results = mysqli_query($dbc, $obtainUserPassword_query);
    forumLib_closeConnectionToDB($dbc);

    echo "query: $obtainUserPassword_query <br />";
    echo "results: ".mysqli_fetch_array($results)."<br />";
    $row = mysqli_fetch_array($results);
    echo "row[0]: ".$row[0]."<br />";
    echo "password: $password <br />";
    echo "DBpassword: $passwordOnDB <br />";

    //if user exists
    if($results != false){
        //get password from DB
        $row = mysqli_fetch_array($results);
        $passwordOnDB = $row['password'];

        //check password
        if($password == $passwordOnDB){
            //successfull login
            $goodLogin = false;
        }
    }

    return $goodLogin;
}

输出:

change password request detected 
query: SELECT password FROM forum_users WHERE username = 'SpyMaster356' 
results: Array
row[0]: 
password: 7d9519224964c72a90b342c565fab1e4582d0e974043798f940b471304db0e24 
DBpassword:
Current password does not match records.

sql查询没有错,因为我7d9519224964c72a90b342c565fab1e4582d0e974043798f940b471304db0e24在手动输入时返回。

这真的让我很困惑。

4

2 回答 2

4

一旦您进行了第一次调用,mysqli_fetch_array您就已经使用了第一行数据。随后,当您尝试将其捕获到$row变量中时,该行已被使用且未保存:

// Prints  'Array'. Did not save the result
echo "results: ".mysqli_fetch_array($results)."<br />";

// Doesn't get anything because the row has been previously fetched
$row = mysqli_fetch_array($results);
于 2013-02-28T17:58:19.117 回答
0

更改以下细分

echo "query: $obtainUserPassword_query <br />";
echo "results: ".mysqli_fetch_array($results)."<br />";
$row = mysqli_fetch_array($results);
echo "row[0]: ".$row[0]."<br />";
echo "password: $password <br />";
echo "DBpassword: $passwordOnDB <br />";

首先填充$row数组,并将其用于进一步的echo.

echo "query: $obtainUserPassword_query <br />";
$row = mysqli_fetch_array($results);
echo "results: ". print_r($row) ."<br />";
echo "row[0]: ".$row[0]."<br />";
echo "password: $password <br />";
echo "DBpassword: {$row[0]} <br />";
于 2013-02-28T18:01:30.627 回答