猿问

Oop PHP 登录检查散列密码

我的问题是在课堂上检查哈希密码。这是错误:


致命错误:未捕获错误:无法在 Auth.php:51 中使用 PDOStatement 类型的对象作为数组堆栈跟踪:#0 index.php(19): Auth->login() #1 {main} 在线 Auth.php 中抛出51


if(isset($_POST['login'])) {

    $username = $_POST['username'];

    $password = $_POST['password'];

    #LINE 19


    $ui->login($username, $password); 

}

这是我的代码


public function login ( $username, $password ) {

    $u_login = $this->conn->prepare("SELECT * FROM korisnici WHERE username = :username");

    $u_login->bindValue(':username', $username);

    $u_login->execute();

    $u_login->fetch(PDO::FETCH_ASSOC);

    # LINE 51

    $u_v_PASS = password_verify($password, $u_login['password']);  

    if($u_v_PASS->count()) {

        echo 'uspesno';

    } else { 

    }

}


婷婷同学_
浏览 122回答 1
1回答

米琪卡哇伊

您正在使用 PDOStatement 对象执行提取,但不存储该提取的结果。相反,您在 PDOStatement 对象本身中查找密码。尝试:public function login ( $username, $password ) {    $u_login = $this->conn->prepare("SELECT * FROM korisnici WHERE username = :username");    $u_login->bindValue(':username', $username);    $u_login->execute();    /*     * Now that the prepared statement has been built and executed, we can     * try to fetch a matching user and store it as $user - this will be an     * array if successful or boolean false if not.     */    $user = $u_login->fetch(PDO::FETCH_ASSOC);    /* Check that $user is not false and the password_verify returns boolean     * true when comparing the password to the hashed password stored in the     * database.     */    if ($user && password_verify($password, $user['password'])) {        // User was found and password matched    }}
随时随地看视频慕课网APP
我要回答