PHP
Donald, 2016-01-20 13:54:42

What is wrong with PDO?

I can't figure out what I'm doing wrong.
For example, the database contains the login admin and the password admin.
In the form I enter the login admin and the password admin.

include_once 'connectDB.php';
    
if (isset($_POST['entry'])) {
    $login = $_POST['login'];    
    $password = password_hash($_POST['password'], PASSWORD_BCRYPT, ['cost' => 12]);
    $sql = $pdo->prepare("SELECT login, password FROM dataname WHERE login=? AND password=?");
    $sql->execute([$login, $password]);
    $data = $sql->fetch();

    if ($data['login'] == $login and $data['password'] == $password) {        
        echo 'YES';
    }
    else {
        echo 'NO';
    }
}

And it answers that there is no such thing; as I understand it, something does not match.
And if I remove the password, then the logins are the same:
include_once 'connectDB.php';
    
if (isset($_POST['entry'])) {
    $login = $_POST['login'];    
    $password = password_hash($_POST['password'], PASSWORD_BCRYPT, ['cost' => 12]);
    $sql = $pdo->prepare("SELECT login FROM dataname WHERE login=?");
    $sql->execute([$login]);
    $data = $sql->fetch();

    if ($data['login'] == $login) {        
        echo 'YES';
    }
    else {
        echo 'NO';
    }
}

Registration
include_once 'connectDB.php';
if (isset($_POST['go'])) {
    $login = $_POST['login'];
    $password = password_hash($_POST['password'], PASSWORD_BCRYPT, ['cost' => 12]);
    if(!empty($login)) {
        $sql = $pdo->prepare("INSERT INTO dataname(login, password) VALUES (?, ?)");
        $sql->execute([$login, $password]);           
        echo "YES" ;
    }
    else {
        echo "NO";
    }
}
?>

Entrance
include_once 'connectDB.php';
    
if (isset($_POST['entry'])) {
    $login = $_POST['login'];    
    $password = password_hash($_POST['password'], PASSWORD_BCRYPT, ['cost' => 12]);
    $sql = $pdo->prepare("SELECT login, password FROM dataname WHERE login=? AND password=?");
    $sql->execute([$login, $password]);
    $data = $sql->fetch();

    if ($data['login'] == $login and $data['password'] == $password) {        
        echo 'YES';
    }
    else {
        echo 'NO';
    }
}


1 answer(s)
Andrey Burov, 2016-01-20
Duck @Don_Donald

password_hash generates a different string every time. Use password_verify to verify.

include_once 'connectDB.php';
    
if (isset($_POST['entry'])) {
    $login = $_POST['login'];    
    $sql = $pdo->prepare("SELECT login, password FROM dataname WHERE login=?");
    $sql->execute([$login]);
    $data = $sql->fetch();

    // fetch() returns false when no row matches the login, so check that first
    if ($data !== false && password_verify($_POST['password'], $data['password'])) {
        echo 'YES';
    }
    else {
        echo 'NO';
    }
}
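
The registration and login flow from this thread as one runnable script, added here as an example and not part of the original answer: it shows that two `password_hash` calls on the same password never match, which is why the `WHERE login=? AND password=?` query finds nothing. It assumes the `pdo_sqlite` extension, with an in-memory SQLite database standing in for `connectDB.php`; `register`, `checkLogin` and `HASH_OPTIONS` are hypothetical names.

```php
<?php
// Added example: in-memory SQLite stands in for the page's connectDB.php (assumption).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE dataname (login TEXT PRIMARY KEY, password TEXT NOT NULL)');

const HASH_OPTIONS = ['cost' => 12];   // same cost as in the question

// Registration: hash once and store the whole hash string (salt and cost are embedded in it).
function register(PDO $pdo, string $login, string $password): void
{
    $hash = password_hash($password, PASSWORD_BCRYPT, HASH_OPTIONS);
    $pdo->prepare('INSERT INTO dataname(login, password) VALUES (?, ?)')
        ->execute([$login, $hash]);
}

// Login: select by login only, then let password_verify() repeat the bcrypt
// computation using the salt read from the stored hash.
function checkLogin(PDO $pdo, string $login, string $password): bool
{
    $stmt = $pdo->prepare('SELECT password FROM dataname WHERE login = ?');
    $stmt->execute([$login]);
    $stored = $stmt->fetchColumn();

    if ($stored === false) {
        return false;                  // unknown login: no row, nothing to verify
    }
    if (!password_verify($password, $stored)) {
        return false;                  // row exists but the password is wrong
    }
    // Re-hash on successful login if the cost or algorithm changed since registration.
    if (password_needs_rehash($stored, PASSWORD_BCRYPT, HASH_OPTIONS)) {
        $pdo->prepare('UPDATE dataname SET password = ? WHERE login = ?')
            ->execute([password_hash($password, PASSWORD_BCRYPT, HASH_OPTIONS), $login]);
    }
    return true;
}

register($pdo, 'admin', 'admin');      // constructed sample account from the question

// Each call draws a fresh random salt, so comparing two hashes as strings fails.
$a = password_hash('admin', PASSWORD_BCRYPT, HASH_OPTIONS);
$b = password_hash('admin', PASSWORD_BCRYPT, HASH_OPTIONS);
var_dump($a === $b);                            // are the two hashes equal?
var_dump(checkLogin($pdo, 'admin', 'admin'));   // correct password
var_dump(checkLogin($pdo, 'admin', 'wrong'));   // wrong password
var_dump(checkLogin($pdo, 'nobody', 'admin'));  // unknown login
```

Returning early for an unknown login makes that path faster than a bcrypt check; where login enumeration matters, run `password_verify` against a fixed dummy hash in that branch as well.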
