如何解决密码哈希::检查不起作用 (SQL+Laravel)
我的网站登录系统使用 laravel 框架。 然后,我为该网站创建了一个 android 应用程序,并创建了一个单独的 login.php,以便人们从 android 应用程序登录。此文件上传到 public_html 目录。
问题用户在验证Hash::check之前无法登录。 Hash::check 对某些我不知道的原因不起作用!!
login.php
<?php
namespace App\Http\Controllers;
use Illuminate\Support\Facades\Hash;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use Hash;
$email = 'xxxx';
$password = 'xxxx';
$token = $_POST["token"];
$con=mysqli_connect("localhost","xxxx","xxxx");
$sql = "SELECT * FROM users WHERE email = '$email'";
$result = mysqli_query($con,$sql);
if($result) {
if (mysqli_num_rows($result) >= 1 ) {
$row = mysqli_fetch_assoc($result);
$hashPassword = '$row["password"]';
if (Hash::check($password,$hashPassword))
{
$response = array("success" => "1","user_details" => $row,"message"=>"You have been logged in successfully");
}
} else {
$response = array("success" => "0","message"=>"Please enter valid email and password");
}
} else {
$response = array("success" => "0","message"=>"Server error");
}
header('Content-type: application/json');
echo json_encode($response);
?>
更新:
我手动尝试了 Hash::make 和 Hash::check 但它们不起作用!
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use App\Http\Controllers\Controller;
手动散列密码:
$password = 'JohnDoe';
$hashedPassword = Hash::make($password);
echo $hashedPassword;
解决方法
这可能是对我有用的临时解决方案。 我从数据库中获取散列密码并将其与发布的密码进行比较。
我替换了:
Hash::check($password,$hashedPassword)
与:
password_verify($password,$hashedPassword)
<?php
$email = $_POST["email"];
$password = $_POST["password"];
$token = $_POST["token"];
$con=mysqli_connect("localhost","xxxx","xxxx");
$sql = "SELECT * FROM users WHERE username = '$email'";
$result = mysqli_query($con,$sql);
if($result){
if (mysqli_num_rows($result)>= 1 ) {
$json_array['user_details'] = array();
while($row = mysqli_fetch_assoc($result)){
$json_array['user_details'][] = $row;
$roww = $row['password'];
}
if(password_verify($password,$roww)){
$response = array("success" => "1","user_details" => $json_array,"message"=>"You have been logged in successfully");
$sql = "UPDATE users SET token='$token' WHERE email='$email'";
$result = mysqli_query($con,$sql);
}else{
$response = array("success" => "0","message"=>"Please enter valid email and password");
}
}
}else{
$response = array("success" => "0","message"=>"Server error");
}
header('Content-type: application/json');
echo json_encode($response);
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。