为什么password_verify返回false？

Z时代
2024-01-10
分类：问答

我正在使用a password_verify检查我的哈希密码。我有PHP 5.5：

   $this->db_connection = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME);
        // if no connection errors (= working database connection)
        if (!$this->db_connection->connect_errno) {
            // escape the POST stuff
            $user_name = $this->db_connection->real_escape_string($_POST['user_name']);
            // database query, getting all the info of the selected user (allows login via email address in the
            // username field)
            $sql = "SELECT user_name, user_email, user_password_hash
                    FROM users
                    WHERE user_name = '" . $user_name . "' OR user_email = '" . $user_name . "';";
            $result_of_login_check = $this->db_connection->query($sql);
            // if this user exists
            if ($result_of_login_check->num_rows == 1) {
                // get result row (as an object)
                $result_row = $result_of_login_check->fetch_object();
                // using PHP 5.5's password_verify() function to check if the provided password fits
                // the hash of that user's password
                if (password_verify($_POST['user_password'], $result_row->user_password_hash)) {
                    // write user data into PHP SESSION (a file on your server)
                    $_SESSION['user_name'] = $result_row->user_name;
                    $_SESSION['user_email'] = $result_row->user_email;
                    $_SESSION['user_login_status'] = 1;