0

以下代码不起作用:

登录页面:

if (isset($_POST['login'])) {
    $name = $mysqli->real_escape_string($_POST['name']);
    $pass = $_POST['pass'];
    $query = "SELECT * FROM users WHERE name='{$name}'";
    $result = $mysqli->query($query) or die($mysqli->error.__LINE__);
    if($result->num_rows > 0) {
    while($row = $result->fetch_assoc()) {
            if(password_verify($pass, $row['pass'])){
                $_SESSION['logged'] = true; 
                $_SESSION['name'] = $row['name'];
                $_SESSION['pass'] = $row['pass'];
                //header('Location: index.php');
                echo "Workded";
            } else {
                echo "Crypt Not Matching";
            }
        }
    }
}

用于插入数据库的代码:

if (empty($e1)) {
        $password = password_hash($pass, PASSWORD_BCRYPT);
        if ($mysqli->query("INSERT into users (name, pass, email, gamertag, psnid, youtube, fbauth) VALUES ('$username', '$password', '$email', '$xbox', '$psn', '$youtube', '$fbid')")) {
            session_start();
            $_SESSION['logged'] = true; 
            $_SESSION['name'] = $username;
            $_SESSION['pass'] = $password;
            header('Location: index.php');
        }
    }

谁能指出我做错了什么?

4

1 回答 1

0

1 - 调试 $_POST 变量并检查它是否从 HTTP POST 请求中正确传递

var_dump($_POST);

2 - 在 foreach 循环中调试数据库的结果,并检查您是否正确地从数据库中检索信息

while($row = $result->fetch_assoc()) {
    var_dump($row);
}

3 - 测试 password_hash 和 password_verify 是否正常工作。

$pwd = 'some_password';
$hash = password_hash($pwd, PASSWORD_BCRYPT);
var_dump(password_verify($pwd, $hash);
于 2013-05-09T00:44:05.500 回答