Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
M
M
mari_greys2019-12-19 12:13:49
PHP
mari_greys, 2019-12-19 12:13:49

Authorization problem, what to do?

Hello, I have a problem and I can't figure it out since Monday.
There is a database (if you need its screenshots, I'll throw it off), user registration goes normally through the new password_hash function and all data goes into the users table in the database. But if you go into registration using the code below, mysqli_num_rows will always display zero, only when adding to the count(*) request
, something starts to move, but then the password will always be correct.
The question is, what is wrong with my login code?
Here is the signin.php code

<?php
session_start();
require_once 'connect.php';
global $connect;

$login = $_POST['login'];
$password = $_POST['password'];
$heshik = password_hash($password, PASSWORD_DEFAULT);
$VerifyPass = password_verify($password, $heshik);


$check_user = mysqli_query($connect, "SELECT * FROM users WHERE login = '$login' AND password = '$password'");

echo mysqli_num_rows($check_user);

echo mysqli_error($connect);	

if (mysqli_num_rows($check_user) > 0){

  $user = mysqli_fetch_assoc($check_user); 

  $_SESSION['user'] = [
    "id" => $user['id'],
    "login" => $user['login'],
    "avatar" => $user['avatar'],
    "email" => $user['email']
  ];

}else{
  echo 'hui';
}
?>

Here is the signup.php code
<?php
session_start();

require_once 'connect.php';

$login = $_POST['login'];
$password = $_POST['password'];
$password_2 = $_POST['password_2'];
$email = $_POST['email'];

if ($password === $password_2){


  $path = 'http://localhost/EGCDMsite/uploads/' . time() . $_FILES['avatar']['name'];
  if (!move_uploaded_file($_FILES['avatar']['tmp_name'], $path)){
    $_SESSION['message'] = 'Ошибка при загрузке изображения';
    header('Location: http://localhost/EGCDMsite/php/EGCDMreg.php');
  }

  $password = password_hash($password, PASSWORD_DEFAULT);

  mysqli_query($connect, "INSERT INTO 'users' ('id', 'login', 'password', 'email', 'avatar') VALUES (NULL, '$login', '$password', '$email', '$path') ");

      $_SESSION['message'] = 'Регистрация прошла успешно!';
      header('Location: http://localhost/HelloPage.html');
}
else {
  $_SESSION['message'] = 'Пароли не совпадают!';
  header('Location: http://localhost/EGCDMsite/php/EGCDMreg.php');	
}
?>

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
A
Arman, 2019-12-19
@mari_greys

password_hash always returns a different hash, to check you need to use password_verify.
password_hash - used only for registration and password change
password_verify - only for authorization
I.e. by login, you get a record from the database and through password_verify you compare the hash of the database with the specified password

Similar questions
B
bio2015-03-31 04:08:43
How to make a soap xml parser? 2Reply
R
Rooly2021-03-23 11:40:40
How to properly organize apiResource Laravel? 2Reply
H
Healis2022-01-16 18:03:19
How to apply a gradient to an image so that the gradient does not go beyond the edges? 2Reply
I
ITpie2021-03-25 20:16:06
How to make docker to test python code with certain libraries? 3Reply
S
Steve2022-01-20 23:47:23
How to hide the real path to css? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question