Password_verify 代码点火器
Password_verify CodeIgniter
我在 CodeIgniter 中使用 PHP。在控制器的注册功能中,我使用 password_hash 来保证安全。现在,我知道我需要输入 password_verify 才能登录,但我不知道我要输入什么以及如何输入。
if(isset($_POST['btnRegister'])){
$this->load->library('form_validation');
$data['first_name'] = $this->form_validation->set_rules('first_name','First Name','required|ucwords|min_length[3]|trim|callback_alpha_dash_space');
$data['last_name'] = $this->form_validation->set_rules('last_name','Last Name','required|ucwords|min_length[3]|trim|callback_alpha_dash_space');
$data['gender'] = $this->form_validation->set_rules('gender','Gender','required');
$data['email'] = $this->form_validation->set_rules('email','Email','required|valid_email');
$data['password'] = $this->form_validation->set_rules('password', 'Password','required');
$data['passconf'] = $this->form_validation->set_rules('passconf', 'Password Confirmation','required|min_length[5]|matches[password]');
if($this->form_validation->run() == FALSE){
$this->load->view('main_view', $data);
}else{
$data = array(
'first_name' => $this->input->post('first_name'),
'last_name' => $this->input->post('last_name'),
'gender' => $this->input->post('gender'),
'email' => $this->input->post('email'),
'password' => password_hash($this->input->post('password'),PASSWORD_DEFAULT)
);
$this->crud_model->insert($data);
redirect(base_url() . 'main/inserted');
}
}else{
$this->load->view('main_view', $data);
}
}
不知道是在Model里还是在Controller里
check_login 在控制器中:-
public function check_login(){
$this->load->library('form_validation');
$this->form_validation->set_rules('email', 'Email', 'required');
$this->form_validation->set_rules('password', 'Password', 'required');
if($this->form_validation->run()){
$email = $this->input->post('email');
$password = $this->input->post('password');
$num_row = $this->crud_model->login_model($email,$password);
if($num_row->num_rows() > 0){
foreach($num_row->result() as $row):
$my_id['user_id'] = $row->user_id;
endforeach;
$this->session->set_userdata($my_id);
$user_id = $this->session->userdata('user_id');
redirect(base_url() . 'main/home');
}else {
redirect(base_url() . 'main/login' . '?email=' . md5(rand(1,1000)));
}
}else{
$this->login();
}
}
模型中的login_model函数:-
function login_model($email, $password){
$this->db->where('email', $email);
$this->db->where('password', $password);
$query = $this->db->get('users_tbl');
return $query;
}
注意:-您需要做的是首先从只有电子邮件匹配的数据库中获取基于电子邮件的记录(假设它是唯一键),之后从数据库中获取散列密码并将其与用户输入的密码进行比较。
将登录模型更改为:-
public function login_model($email, $password){
$this->db->where('email', $email); // fetch by email first
$query = $this->db->get(users_tbl);
$result = $query->row(); // get the row first
if(!empty($result) && password_verify($password, $result->password)){
// if this email exists,then the input password is verified using password_verify() function by database.
return $result;
} else {
return false;
}
}
请将您的控制器代码更改为:-
$num_row = $this->crud_model->login_model($email,$password);
if($num_row->num_rows() > 0){
foreach($num_row->result() as $row):
$my_id['user_id'] = $row->user_id;
endforeach;
$this->session->set_userdata($my_id);
$user_id = $this->session->userdata('user_id');
redirect(base_url() . 'main/home');
}else {
redirect(base_url() . 'main/login' . '?email=' . md5(rand(1,1000)));
}
}else{
$this->login();
}
这个:-
$admin_result = $this->crud_model->login_model($email,$password);
if ($admin_result >0){ //active user record is present
$this->session->set_userdata('admin_session',$admin_result);
$this->session->set_flashdata('login_message', '<div class="alert alert-success text-center">You are Successfully Login to your account!</div>');
redirect(base_url().'main/home');
}else{
redirect(base_url() . 'main/login' . '?email=' . md5(rand(1,1000)));
}
}else{
$this->login();
}
通过将其放入 Controller 解决了我的问题,代码如下:
public function check_login(){
$this->load->library('form_validation');
$this->form_validation->set_rules('email', 'Email', 'required');
$this->form_validation->set_rules('password', 'Password', 'required');
if($this->form_validation->run()){
$email = $this->input->post('email');
$password = $this->input->post('password');
$query = $this->crud_model->login_model($email, $password);
if($query->num_rows() > 0){
$rowquery = $query->row();
if (password_verify($password, $rowquery->password)){
foreach($query->result() as $row):
$my_id['user_id'] = $row->user_id;
endforeach;
$this->session->set_userdata($my_id);
$user_id = $this->session->userdata('user_id');
redirect(base_url() . 'main/home');
}
}else {
redirect(base_url() . 'main/login' . '?email=' . md5(rand(1,1000)));
}
}else{
$this->login();
}
}
而登录模型应该是这样的:
function login_model($email, $password){
$this->db->where('email', $email);
$query = $this->db->get('users_tbl');
return $query;
}
我在 CodeIgniter 中使用 PHP。在控制器的注册功能中,我使用 password_hash 来保证安全。现在,我知道我需要输入 password_verify 才能登录,但我不知道我要输入什么以及如何输入。
if(isset($_POST['btnRegister'])){
$this->load->library('form_validation');
$data['first_name'] = $this->form_validation->set_rules('first_name','First Name','required|ucwords|min_length[3]|trim|callback_alpha_dash_space');
$data['last_name'] = $this->form_validation->set_rules('last_name','Last Name','required|ucwords|min_length[3]|trim|callback_alpha_dash_space');
$data['gender'] = $this->form_validation->set_rules('gender','Gender','required');
$data['email'] = $this->form_validation->set_rules('email','Email','required|valid_email');
$data['password'] = $this->form_validation->set_rules('password', 'Password','required');
$data['passconf'] = $this->form_validation->set_rules('passconf', 'Password Confirmation','required|min_length[5]|matches[password]');
if($this->form_validation->run() == FALSE){
$this->load->view('main_view', $data);
}else{
$data = array(
'first_name' => $this->input->post('first_name'),
'last_name' => $this->input->post('last_name'),
'gender' => $this->input->post('gender'),
'email' => $this->input->post('email'),
'password' => password_hash($this->input->post('password'),PASSWORD_DEFAULT)
);
$this->crud_model->insert($data);
redirect(base_url() . 'main/inserted');
}
}else{
$this->load->view('main_view', $data);
}
}
不知道是在Model里还是在Controller里
check_login 在控制器中:-
public function check_login(){
$this->load->library('form_validation');
$this->form_validation->set_rules('email', 'Email', 'required');
$this->form_validation->set_rules('password', 'Password', 'required');
if($this->form_validation->run()){
$email = $this->input->post('email');
$password = $this->input->post('password');
$num_row = $this->crud_model->login_model($email,$password);
if($num_row->num_rows() > 0){
foreach($num_row->result() as $row):
$my_id['user_id'] = $row->user_id;
endforeach;
$this->session->set_userdata($my_id);
$user_id = $this->session->userdata('user_id');
redirect(base_url() . 'main/home');
}else {
redirect(base_url() . 'main/login' . '?email=' . md5(rand(1,1000)));
}
}else{
$this->login();
}
}
模型中的login_model函数:-
function login_model($email, $password){
$this->db->where('email', $email);
$this->db->where('password', $password);
$query = $this->db->get('users_tbl');
return $query;
}
注意:-您需要做的是首先从只有电子邮件匹配的数据库中获取基于电子邮件的记录(假设它是唯一键),之后从数据库中获取散列密码并将其与用户输入的密码进行比较。
将登录模型更改为:-
public function login_model($email, $password){
$this->db->where('email', $email); // fetch by email first
$query = $this->db->get(users_tbl);
$result = $query->row(); // get the row first
if(!empty($result) && password_verify($password, $result->password)){
// if this email exists,then the input password is verified using password_verify() function by database.
return $result;
} else {
return false;
}
}
请将您的控制器代码更改为:-
$num_row = $this->crud_model->login_model($email,$password);
if($num_row->num_rows() > 0){
foreach($num_row->result() as $row):
$my_id['user_id'] = $row->user_id;
endforeach;
$this->session->set_userdata($my_id);
$user_id = $this->session->userdata('user_id');
redirect(base_url() . 'main/home');
}else {
redirect(base_url() . 'main/login' . '?email=' . md5(rand(1,1000)));
}
}else{
$this->login();
}
这个:-
$admin_result = $this->crud_model->login_model($email,$password);
if ($admin_result >0){ //active user record is present
$this->session->set_userdata('admin_session',$admin_result);
$this->session->set_flashdata('login_message', '<div class="alert alert-success text-center">You are Successfully Login to your account!</div>');
redirect(base_url().'main/home');
}else{
redirect(base_url() . 'main/login' . '?email=' . md5(rand(1,1000)));
}
}else{
$this->login();
}
通过将其放入 Controller 解决了我的问题,代码如下:
public function check_login(){
$this->load->library('form_validation');
$this->form_validation->set_rules('email', 'Email', 'required');
$this->form_validation->set_rules('password', 'Password', 'required');
if($this->form_validation->run()){
$email = $this->input->post('email');
$password = $this->input->post('password');
$query = $this->crud_model->login_model($email, $password);
if($query->num_rows() > 0){
$rowquery = $query->row();
if (password_verify($password, $rowquery->password)){
foreach($query->result() as $row):
$my_id['user_id'] = $row->user_id;
endforeach;
$this->session->set_userdata($my_id);
$user_id = $this->session->userdata('user_id');
redirect(base_url() . 'main/home');
}
}else {
redirect(base_url() . 'main/login' . '?email=' . md5(rand(1,1000)));
}
}else{
$this->login();
}
}
而登录模型应该是这样的:
function login_model($email, $password){
$this->db->where('email', $email);
$query = $this->db->get('users_tbl');
return $query;
}