0 html php mysql jquery codeigniter
我是数据库中CodeIgniter的新用户,密码字段使用加密密钥编码,但是当我想登录时,它与密码不匹配.控制器名称,视图和模型分别是Hello,login和user_model.
这是我的观点:
<html>
<head>
<title></title>
<style>
.text-danger {
color: red;
}
</style>
<script>
function myFun() {
var r4 = document.getElementById('email').value;
var r5 = document.getElementById('password').value;
if (r4 == "") {
document.getElementById('f4').style.display = "block";
return false;
}
else if (r5 == "") {
document.getElementById('f5').style.display = "block";
return false;
}
}
function myFun4(r) {
if (r != 0) {
document.getElementById('f4').style.display = "none";
}
}
function myFun5(r) {
if (r != 0) {
document.getElementById('f5').style.display = "none";
}
}
</script>
</head>
<body style="background-color: #99BC99">
<br>
<form method="post" action="logindata">
<table border='1' align='center'>
<tr>
<th>Email</th>
<td>
<input type="text" name="email" id="email" onkeyup="myFun4(this.value)">
<span class="text-danger"><?php echo form_error('email'); ?></span>
<span id="f4" class="text-danger" style="display: none">This Field is required</span>
</td>
</tr>
<tr>
<th>Password</th>
<td>
<input type="password" name="password" id="password" onkeyup="myFun4(this.value)">
<span class="text-danger"><?php echo form_error('password'); ?></span>
<span id="f5" class="text-danger" style="display: none">This Field is required</span>
</td>
</tr>
<tr>
<th colspan="2"><button id="submit" name="submit" onclick="return myFun()">Submit</button></th>
</tr>
</table>
</form>
</body>
</html>
我的控制器是
<?php
class Hello extends CI_Controller {
public function __construct() {
parent::__construct();
$this->load->library('session');
$this->load->helper('form');
$this->load->helper('url');
$this->load->helper('html');
$this->load->library('image_lib');
$this->load->database();
$this->load->library('form_validation');
$this->load->model('user_model');
$this->load->library('encrypt');
}
function index() {
$this->load->view('login.php');
}
function logindata() {
$f1 = $this->input->post("email");
$f2 = $this->input->post("password");
$encrypt_pwd2 = $this->encrypt->encode($f2);
$this->form_validation->set_rules("email", "Email", "trim|required");
$this->form_validation->set_rules("password", "Password", "trim|required");
if ($this->form_validation->run() == FALSE) {
$this->load->view('login');
} else {
$data = $this->user_model->get_password($f1, $f2);
$plainpassword = $this->encrypt->decode($data);
if ($plainpassword == $f2) {
$this->dataa['posts'] = $this->user_model->userdata($f1, $f2);
$this->load->view('home', $this->dataa);
} else {
$this->load->view('home');
}
}
}
} ?>
这是我的模特
<?php
class User_model extends CI_Model {
public function __construct() {
parent::__construct();
$this->load->database();
$this->load->library('encrypt');
}
function get_password($f1, $f2) {
$this->db->select('password');
$this->db->from('user_detail');
$this->db->where('email', $f1);
return $this->db->get()->result()->row('password');
}
function userdata($f1, $f2) {
$q = $this->db->get_where('user_detail', array('email' => $f1));
if ($q->num_rows() > 0) {
foreach ($q->result() as $row) {
$dataa[] = $row;
}
return is_array($dataa) ? $dataa : array();
}
}
}
?>
我注意到的第一件事是你试图"加密"密码.99.99%的时间,这是错误的做法.您要对密码执行的操作是使用专为密码存储而设计的算法.
PHP实际上有一个非常有用的库,称为密码哈希(http://php.net/password-hash).
存储密码时,您需要使用password_hash功能.以下代码段显示了如何使用密码"password1!"
<?php
password_hash("password1!", PASSWORD_DEFAULT);
?>
当它运行时,它将产生类似于的输出
$2y$11$q5MkhSBtlsJcNEVsYh64a.aCluzHnGog7TQAKVmQwO9C8xb.t89F.
这是您将存储在数据库中的值.
在尝试验证密码是否正确时,您可以使用php password_verify函数.该函数将返回一个布尔值.如果返回true,则表示用户已成功通过身份验证.
<?php
$original_hash = SOMETHING // this is the hash you have stored in a database
// in this case, it would be
// $2y$11$q5MkhSBtlsJcNEVsYh64a.aCluzHnGog7TQAKVmQwO9C8xb.t89F.
if (password_verify('password1!', $original_hash)) {
echo 'Successful login';
// do normal login things here
} else {
echo 'invalid password.';
// return an error because they had the wrong password
}
?>
PHP已经占用了大量繁重的工作,您可以使用它来安全地处理密码.
| 归档时间: |
|
| 查看次数: |
967 次 |
| 最近记录: |