PHP password_verify 不匹配哈希

PHP password_verify not matching hash

所以我有两个用于注册和登录的功能。注册工作正常,用户 table 已填充,哈希存储在 user_pass 列等。登录时,我保持收到 "Wrong Details" 错误消息。 password_verify 似乎与输入的密码不匹配。你们能看出我的代码有什么问题吗?我在这里挠头....

public function register($uname,$umail,$upass)
{
    try
    {
        $new_password = password_hash($upass, PASSWORD_DEFAULT);

        $stmt = $this->conn->prepare("INSERT INTO users(user_name,user_email,user_pass) 
                                                   VALUES(:uname, :umail, :upass)");

        $stmt->bindparam(":uname", $uname);
        $stmt->bindparam(":umail", $umail);
        $stmt->bindparam(":upass", $new_password);                                        

        $stmt->execute();   

        return $stmt;   
    }
    catch(PDOException $e)
    {
        echo $e->getMessage();
    }               
}


public function doLogin($uname,$umail,$upass)
{
    try
    {
        $stmt = $this->conn->prepare("SELECT user_id, user_name, user_email, user_pass FROM users WHERE user_name=:uname OR user_email=:umail ");
        $stmt->execute(array(':uname'=>$uname, ':umail'=>$umail));
        $userRow=$stmt->fetch(PDO::FETCH_ASSOC);
        if($stmt->rowCount() == 1)
        {
            if(password_verify($upass, $userRow['user_pass']))
            {
                $_SESSION['user_session'] = $userRow['user_id'];
                return true;
            }
            else
            {
                return false;
            }
        }
    }
    catch(PDOException $e)
    {
        echo $e->getMessage();
    }
}

rowCount() 不是 return SELECT 语句中的行数。查询是否成功就不用测试了,可以右移测试密码:

public function doLogin($uname,$umail,$upass)
{
    try
    {
        $stmt = $this->conn->prepare("SELECT user_id, user_name, user_email, user_pass FROM users WHERE user_name=:uname OR user_email=:umail ");
        $stmt->execute(array(':uname'=>$uname, ':umail'=>$umail));
        $userRow=$stmt->fetch(PDO::FETCH_ASSOC);

        if(password_verify($upass, $userRow['user_pass']))
        {
            $_SESSION['user_session'] = $userRow['user_id'];
            return true;
        }
        else
        {
            return false;
        }

    }
    catch(PDOException $e)
    {
        echo $e->getMessage();
    }
}