I am unsure as to how to convert an MD5 dehashing into a normal verification. I would like to change a hashed string to standard one. I am generating the hashed password as echo password_hash(".......", PASSWORD_DEFAULT);
, just don't know how to check it in login form. My workflow is below:
if (isset($_POST['username'], $_POST['password'])) {
$username = $_POST['username'];
$password = md5($_POST['password']);
if (empty($username) or empty($password)) {
$error = 'Prosz? poda? login i has?o !';
} else {
$query = $pdo->prepare("SELECT * FROM users WHERE user_name = ? AND user_password = ?");
$query->bindValue(1, $username);
$query->bindValue(2, $password);
$query->execute();
$num = $query->rowCount();
if ($num == 1) {
//user entered correct details
$_SESSION['logged_in'] = true;
header('Location: index.php');
exit();
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…