我不知道我的代码有什么问题哈希.php(插入密码(
**<?php
$con = new mysqli("localhost", "root", "", "hast") or die(mysqli_error());
if (array_key_exists("f5", $_GET)) {
$w5 = $_GET['f5'];//pass
}
if (array_key_exists("f6", $_GET)) {
$w6 = $_GET['f6'];//pass
}
$salt = md5(uniqid(rand()));
$options = [
'cost' =>11,
'salt' => $salt
];
$hash_password = password_hash($w6, PASSWORD_BCRYPT, $options)."n";
$sql = mysqli_query($con, "INSERT INTO `pass`(`nama`, `hash_password`, `salt`) VALUES ('$w5','$hash_password','$salt')")or die(mysqli_error($con));
if ($sql) {
echo $hash_password;
} else {
echo "gagal";
}
?>**
哈希日志.php
**<?php
$con = new mysqli("localhost", "root", "", "hast") or die(mysqli_error());
if (array_key_exists("f5", $_GET)) {
$w5 = $_GET['f5'];//user
}
if (array_key_exists("f6", $_GET)) {
$w6 = $_GET['f6'];//pass
}
$sql = mysqli_query($con, "select hash_password from pass where nama='$w5'")or die(mysqli_error($con));
$row = mysqli_fetch_assoc($sql);
$hash = $row['hash_password'];
$hash = $row['hash_password'];
//$hash ='$2y$11$0be5c43957cd3df608521u4PiYrUUyK/dQRSlc/g5UVdDdKk1WChy';
if (password_verify($w6, $hash)) {
echo 'Password is valid!';
} else {
echo 'Invalid password.';
}
?>**
在我的情况下,密码总是无效,尽管密码是正确的请帮助我
问题是您指定了无效的salt值。您不应该自己指定salt,只需让库为您生成一个即可。如果你真的想指定一个salt,请使用这样的代码来做到这一点:
$salt = mcrypt_create_iv(22, MCRYPT_DEV_URANDOM);
另外,我认为您的问题是在散列密码处附加n; 您必须将其删除:
$hash_password = password_hash($w6, PASSWORD_BCRYPT, $options)."n"; //remove this "n"