password_verify 尽管密码正确,但密码始终无效
password_verify always invalid password although password is correct
我不知道我的代码有什么问题
hash.php(通过cryp密码插入)
**<?php
$con = new mysqli("localhost", "root", "", "hast") or die(mysqli_error());
if (array_key_exists("f5", $_GET)) {
$w5 = $_GET['f5'];//pass
}
if (array_key_exists("f6", $_GET)) {
$w6 = $_GET['f6'];//pass
}
$salt = md5(uniqid(rand()));
$options = [
'cost' =>11,
'salt' => $salt
];
$hash_password = password_hash($w6, PASSWORD_BCRYPT, $options)."\n";
$sql = mysqli_query($con, "INSERT INTO `pass`(`nama`, `hash_password`, `salt`) VALUES ('$w5','$hash_password','$salt')")or die(mysqli_error($con));
if ($sql) {
echo $hash_password;
} else {
echo "gagal";
}
?>**
hashlog.php
**<?php
$con = new mysqli("localhost", "root", "", "hast") or die(mysqli_error());
if (array_key_exists("f5", $_GET)) {
$w5 = $_GET['f5'];//user
}
if (array_key_exists("f6", $_GET)) {
$w6 = $_GET['f6'];//pass
}
$sql = mysqli_query($con, "select hash_password from pass where nama='$w5'")or die(mysqli_error($con));
$row = mysqli_fetch_assoc($sql);
$hash = $row['hash_password'];
$hash = $row['hash_password'];
//$hash ='y[=12=]be5c43957cd3df608521u4PiYrUUyK/dQRSlc/g5UVdDdKk1WChy';
if (password_verify($w6, $hash)) {
echo 'Password is valid!';
} else {
echo 'Invalid password.';
}
?>**
在我的情况下,尽管密码正确,但密码始终无效
请帮助我
问题是您指定了一个无效的 salt 值。你不应该自己指定 salt ,让库为你生成一个。如果你真的想指定一个 salt,使用这样的代码来做:
$salt = mcrypt_create_iv(22, MCRYPT_DEV_URANDOM);
此外,我认为您的问题是在散列密码处附加了 \n;你必须删除它:
$hash_password = password_hash($w6, PASSWORD_BCRYPT, $options)."\n"; //remove this "\n"
我不知道我的代码有什么问题 hash.php(通过cryp密码插入)
**<?php
$con = new mysqli("localhost", "root", "", "hast") or die(mysqli_error());
if (array_key_exists("f5", $_GET)) {
$w5 = $_GET['f5'];//pass
}
if (array_key_exists("f6", $_GET)) {
$w6 = $_GET['f6'];//pass
}
$salt = md5(uniqid(rand()));
$options = [
'cost' =>11,
'salt' => $salt
];
$hash_password = password_hash($w6, PASSWORD_BCRYPT, $options)."\n";
$sql = mysqli_query($con, "INSERT INTO `pass`(`nama`, `hash_password`, `salt`) VALUES ('$w5','$hash_password','$salt')")or die(mysqli_error($con));
if ($sql) {
echo $hash_password;
} else {
echo "gagal";
}
?>**
hashlog.php
**<?php
$con = new mysqli("localhost", "root", "", "hast") or die(mysqli_error());
if (array_key_exists("f5", $_GET)) {
$w5 = $_GET['f5'];//user
}
if (array_key_exists("f6", $_GET)) {
$w6 = $_GET['f6'];//pass
}
$sql = mysqli_query($con, "select hash_password from pass where nama='$w5'")or die(mysqli_error($con));
$row = mysqli_fetch_assoc($sql);
$hash = $row['hash_password'];
$hash = $row['hash_password'];
//$hash ='y[=12=]be5c43957cd3df608521u4PiYrUUyK/dQRSlc/g5UVdDdKk1WChy';
if (password_verify($w6, $hash)) {
echo 'Password is valid!';
} else {
echo 'Invalid password.';
}
?>**
在我的情况下,尽管密码正确,但密码始终无效 请帮助我
问题是您指定了一个无效的 salt 值。你不应该自己指定 salt ,让库为你生成一个。如果你真的想指定一个 salt,使用这样的代码来做:
$salt = mcrypt_create_iv(22, MCRYPT_DEV_URANDOM);
此外,我认为您的问题是在散列密码处附加了 \n;你必须删除它:
$hash_password = password_hash($w6, PASSWORD_BCRYPT, $options)."\n"; //remove this "\n"