问题描述
我正在尝试创建一些管理员登录名。我认为我的代码是正确的,因为当我输入错误的电子邮件和密码时,错误消息会出现在登录页面上。但是,当我输入正确的数据库数据时,它也会显示错误消息。
请帮助我。感谢您的回答。
我的控制器(Admin.PHP):
public function index()
{
$this->admindashboard();
}
public function admindashboard()
{
$data = array();
/* $data['main_content'] = $this->load->view('admin_main','',TRUE); */
$this->load->view('admin/admin_main',$data);
}
public function admin_regst()
{
$data = array();
$data['main_content'] = $this->load->view('admin-regist',TRUE);
$this->load->view('admin/admin_main',$data);
}
public function index()
{
$this->load->view('login');
}
public function adminchecklogin()
{
$data = array();
$adminemail = $this->input->post('admin_email',TRUE);
$adminpassword = $this->input->post('admin_psw',TRUE);
$this->load->model('M_login_admin');
$admindetails = $this->M_login_admin->admin_login_check($adminemail);
if (password_verify($adminpassword,$admindetails->admin_psw)) {
if ($admindetails->admin_status == 1) {
$session_data['adminid'] = $admindetails->admin_id;
$session_data['adminemail'] = $admindetails->admin_email;
$session_data['adminusername'] = $admindetails->admin_username;
$session_data['adminstatus'] = $admindetails->admin_status;
$this->session->set_userdata($session_data);
redirect('Admin');
} else {
$data['error_msg'] = "User ini tidak aktif....!!!";
redirect('login',$data);
}
} else {
redirect('error-login',$data);
}
}
public function login_error()
{
$data['error_msg'] = "Email atau Password Anda Salah....!!!";
$this->load->view('login',$data);
}
我的模型(M_login_admin.PHP):
public function admin_login_check($adminemail)
{
$admin_details = $this->db->select('*')
->from('admin')
->where('admin_email',$adminemail)
->get()
->row();
return $admin_details;
}
我的观点(login.PHP):
<body>
<section class="hero is-fullheight">
<div class="hero-body container has-text-centered">
<div class="login">
<img src="https://logoipsum.com/logo/logo-1.svg" width="325px" />
<p>
<?PHP
if (isset($success_msg)) {
echo $success_msg;
}
?>
</p>
<p>
<?PHP
if (isset($error_msg)) {
echo $error_msg;
}
?>
</p>
<form action="<?= base_url(); ?>Login_admin/adminchecklogin" method="POST">
<div class="Box">
<div class="field">
<div class="control">
<input class="input is-medium is-rounded" type="email" placeholder="hello@example.com" autocomplete="username" name="admin_email" required />
</div>
</div>
<div class="field">
<div class="control">
<input class="input is-medium is-rounded" type="password" placeholder="**********" autocomplete="current-password" name="admin_psw" required />
</div>
</div>
<div class="field has-text-left ml-3 mt-5">
<label class="checkBox">
<input type="checkBox">
Remember me
</label>
</div>
</div>
<button class="button is-block is-fullwidth is-primary is-medium is-rounded" type="submit">
Login
</button>
</form>
<br>
</div>
</div>
</section>
解决方法
您的数据库中有admin_psw
的纯文本格式,可以解释password_verify()
失败的原因。
要使用password_verify(),必须使用password_hash()
对密码进行哈希处理,通常在用户首次注册时或用户更改密码的任何时间完成
查看
的文档password_hash()
in the PHP manual