Password_verify CodeIgniter
Password_verify CodeIgniter
提问于 2020-10-29 11:53:54
我在CodeIgniter中使用PHP。在Controller的注册函数中,我使用password_hash作为安全性。现在,我知道我需要放password_verify才能登录,但我不知道我要把它放在哪里,怎么放。
if(isset($_POST['btnRegister'])){
$this->load->library('form_validation');
$data['first_name'] = $this->form_validation->set_rules('first_name','First Name','required|ucwords|min_length[3]|trim|callback_alpha_dash_space');
$data['last_name'] = $this->form_validation->set_rules('last_name','Last Name','required|ucwords|min_length[3]|trim|callback_alpha_dash_space');
$data['gender'] = $this->form_validation->set_rules('gender','Gender','required');
$data['email'] = $this->form_validation->set_rules('email','Email','required|valid_email');
$data['password'] = $this->form_validation->set_rules('password', 'Password','required');
$data['passconf'] = $this->form_validation->set_rules('passconf', 'Password Confirmation','required|min_length[5]|matches[password]');
if($this->form_validation->run() == FALSE){
$this->load->view('main_view', $data);
}else{
$data = array(
'first_name' => $this->input->post('first_name'),
'last_name' => $this->input->post('last_name'),
'gender' => $this->input->post('gender'),
'email' => $this->input->post('email'),
'password' => password_hash($this->input->post('password'),PASSWORD_DEFAULT)
);
$this->crud_model->insert($data);
redirect(base_url() . 'main/inserted');
}
}else{
$this->load->view('main_view', $data);
}
}我不知道它是在模型里还是在控制器里
控制器中的check_login:-
public function check_login(){
$this->load->library('form_validation');
$this->form_validation->set_rules('email', 'Email', 'required');
$this->form_validation->set_rules('password', 'Password', 'required');
if($this->form_validation->run()){
$email = $this->input->post('email');
$password = $this->input->post('password');
$num_row = $this->crud_model->login_model($email,$password);
if($num_row->num_rows() > 0){
foreach($num_row->result() as $row):
$my_id['user_id'] = $row->user_id;
endforeach;
$this->session->set_userdata($my_id);
$user_id = $this->session->userdata('user_id');
redirect(base_url() . 'main/home');
}else {
redirect(base_url() . 'main/login' . '?email=' . md5(rand(1,1000)));
}
}else{
$this->login();
}
}模型中的login_model函数:-
function login_model($email, $password){
$this->db->where('email', $email);
$this->db->where('password', $password);
$query = $this->db->get('users_tbl');
return $query;
}回答 2
Stack Overflow用户
回答已采纳
发布于 2020-10-31 16:21:11
它通过将它放入Controller解决了我的问题,下面是代码:
public function check_login(){
$this->load->library('form_validation');
$this->form_validation->set_rules('email', 'Email', 'required');
$this->form_validation->set_rules('password', 'Password', 'required');
if($this->form_validation->run()){
$email = $this->input->post('email');
$password = $this->input->post('password');
$query = $this->crud_model->login_model($email, $password);
if($query->num_rows() > 0){
$rowquery = $query->row();
if (password_verify($password, $rowquery->password)){
foreach($query->result() as $row):
$my_id['user_id'] = $row->user_id;
endforeach;
$this->session->set_userdata($my_id);
$user_id = $this->session->userdata('user_id');
redirect(base_url() . 'main/home');
}
}else {
redirect(base_url() . 'main/login' . '?email=' . md5(rand(1,1000)));
}
}else{
$this->login();
}
}虽然登录模型应该是:
function login_model($email, $password){
$this->db->where('email', $email);
$query = $this->db->get('users_tbl');
return $query;
}Stack Overflow用户
发布于 2020-10-29 12:06:42
注意:-您需要做的是首先从数据库中获取基于电子邮件的记录,其中只有电子邮件匹配(假设它是唯一的键),然后从数据库获取散列密码,并将其与用户输入的密码进行比较。
将登录模型更改为:-
public function login_model($email, $password){
$this->db->where('email', $email); // fetch by email first
$query = $this->db->get(users_tbl);
$result = $query->row(); // get the row first
if(!empty($result) && password_verify($password, $result->password)){
// if this email exists,then the input password is verified using password_verify() function by database.
return $result;
} else {
return false;
}
}请将您的控制器代码更改为:-
$num_row = $this->crud_model->login_model($email,$password);
if($num_row->num_rows() > 0){
foreach($num_row->result() as $row):
$my_id['user_id'] = $row->user_id;
endforeach;
$this->session->set_userdata($my_id);
$user_id = $this->session->userdata('user_id');
redirect(base_url() . 'main/home');
}else {
redirect(base_url() . 'main/login' . '?email=' . md5(rand(1,1000)));
}
}else{
$this->login();
}This:-
$admin_result = $this->crud_model->login_model($email,$password);
if ($admin_result >0){ //active user record is present
$this->session->set_userdata('admin_session',$admin_result);
$this->session->set_flashdata('login_message', '<div class="alert alert-success text-center">You are Successfully Login to your account!</div>');
redirect(base_url().'main/home');
}else{
redirect(base_url() . 'main/login' . '?email=' . md5(rand(1,1000)));
}
}else{
$this->login();
}页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/64590572
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号