密码 Hash::check 无效 (SQL+Laravel)
Password Hash::check not working (SQL+Laravel)
我的网站登录系统使用 laravel 框架。
然后我为该网站创建了一个 android 应用程序,并创建了一个单独的 login.php 以便人们从 android 应用程序登录。此文件上传到 public_html 目录。
问题用户在Hash::check验证通过后才能登录。 Hash::check 不工作的原因我不知道!!
login.php
<?php
namespace App\Http\Controllers;
use Illuminate\Support\Facades\Hash;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use Hash;
$email = 'xxxx';
$password = 'xxxx';
$token = $_POST["token"];
$con=mysqli_connect("localhost", "xxxx", "xxxx", "xxxx");
$sql = "SELECT * FROM users WHERE email = '$email'";
$result = mysqli_query($con, $sql);
if($result) {
if (mysqli_num_rows($result) >= 1 ) {
$row = mysqli_fetch_assoc($result);
$hashPassword = '$row["password"]';
if (Hash::check($password, $hashPassword))
{
$response = array("success" => "1", "user_details" => $row, "message"=>"You have been logged in successfully");
}
} else {
$response = array("success" => "0", "message"=>"Please enter valid email and password");
}
} else {
$response = array("success" => "0", "message"=>"Server error");
}
header('Content-type: application/json');
echo json_encode($response);
?>
更新:
我手动尝试了 Hash::make 和 Hash::check,但它们不起作用!
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use App\Http\Controllers\Controller;
手动散列密码:
$password = 'JohnDoe';
$hashedPassword = Hash::make($password);
echo $hashedPassword;
这可能是对我有用的临时解决方案。
我从数据库中提取了散列密码并将其与发布的密码进行了比较。
我换成:
Hash::check($password, $hashedPassword)
有:
password_verify($password, $hashedPassword)
<?php
$email = $_POST["email"];
$password = $_POST["password"];
$token = $_POST["token"];
$con=mysqli_connect("localhost", "xxxx", "xxxx", "xxxx");
$sql = "SELECT * FROM users WHERE username = '$email'";
$result = mysqli_query($con, $sql);
if($result){
if (mysqli_num_rows($result)>= 1 ) {
$json_array['user_details'] = array();
while($row = mysqli_fetch_assoc($result)){
$json_array['user_details'][] = $row;
$roww = $row['password'];
}
if(password_verify($password, $roww)){
$response = array("success" => "1", "user_details" => $json_array, "message"=>"You have been logged in successfully");
$sql = "UPDATE users SET token='$token' WHERE email='$email'";
$result = mysqli_query($con, $sql);
}else{
$response = array("success" => "0", "message"=>"Please enter valid email and password");
}
}
}else{
$response = array("success" => "0", "message"=>"Server error");
}
header('Content-type: application/json');
echo json_encode($response);
我的网站登录系统使用 laravel 框架。 然后我为该网站创建了一个 android 应用程序,并创建了一个单独的 login.php 以便人们从 android 应用程序登录。此文件上传到 public_html 目录。
问题用户在Hash::check验证通过后才能登录。 Hash::check 不工作的原因我不知道!!
login.php
<?php
namespace App\Http\Controllers;
use Illuminate\Support\Facades\Hash;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use Hash;
$email = 'xxxx';
$password = 'xxxx';
$token = $_POST["token"];
$con=mysqli_connect("localhost", "xxxx", "xxxx", "xxxx");
$sql = "SELECT * FROM users WHERE email = '$email'";
$result = mysqli_query($con, $sql);
if($result) {
if (mysqli_num_rows($result) >= 1 ) {
$row = mysqli_fetch_assoc($result);
$hashPassword = '$row["password"]';
if (Hash::check($password, $hashPassword))
{
$response = array("success" => "1", "user_details" => $row, "message"=>"You have been logged in successfully");
}
} else {
$response = array("success" => "0", "message"=>"Please enter valid email and password");
}
} else {
$response = array("success" => "0", "message"=>"Server error");
}
header('Content-type: application/json');
echo json_encode($response);
?>
更新:
我手动尝试了 Hash::make 和 Hash::check,但它们不起作用!
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use App\Http\Controllers\Controller;
手动散列密码:
$password = 'JohnDoe';
$hashedPassword = Hash::make($password);
echo $hashedPassword;
这可能是对我有用的临时解决方案。 我从数据库中提取了散列密码并将其与发布的密码进行了比较。
我换成:
Hash::check($password, $hashedPassword)
有:
password_verify($password, $hashedPassword)
<?php
$email = $_POST["email"];
$password = $_POST["password"];
$token = $_POST["token"];
$con=mysqli_connect("localhost", "xxxx", "xxxx", "xxxx");
$sql = "SELECT * FROM users WHERE username = '$email'";
$result = mysqli_query($con, $sql);
if($result){
if (mysqli_num_rows($result)>= 1 ) {
$json_array['user_details'] = array();
while($row = mysqli_fetch_assoc($result)){
$json_array['user_details'][] = $row;
$roww = $row['password'];
}
if(password_verify($password, $roww)){
$response = array("success" => "1", "user_details" => $json_array, "message"=>"You have been logged in successfully");
$sql = "UPDATE users SET token='$token' WHERE email='$email'";
$result = mysqli_query($con, $sql);
}else{
$response = array("success" => "0", "message"=>"Please enter valid email and password");
}
}
}else{
$response = array("success" => "0", "message"=>"Server error");
}
header('Content-type: application/json');
echo json_encode($response);