Hi liebe NN-Community,
Ich habe grade ein kleines Problem.
Und zwar schreibe ich grade ein Loginsystem mit PHP soweit funktioniert auch alles bis auf das Login, da hat er Probleme mit dem Passwort Hash.
Registrieren kann man sich.
Hier mal beide datein. Vielleicht findet ihr den Fehler.
register.inc.php
PHP
<?php
if(isset($_POST['signup-submit'])){
require 'dbh.inc.php';
$username = $_POST['name'];
$email = $_POST['email'];
$pw = $_POST['pw1'];
$pw2 = $_POST['pw2'];
if(!filter_var($email, FILTER_VALIDATE_EMAIL) && !preg_match("/^[a-zA-Z0-9]*$/", $username)) {
header("Location: ../register.php?error=invalidmailname");
exit();
} else if(!filter_var($email, FILTER_VALIDATE_EMAIL)) {
header("Location: ../register.php?error=invalidmail&name=".$username);
exit();
} else if(!preg_match("/^[a-zA-Z0-9]*$/", $username)) {
header("Location: ../register.php?error=invalidname&mail=".$email);
exit();
} else if($pw == $pw2){
header("Location: ../register.php?error=passwordcheckname=".$username."&mail=".$email);
exit();
} else {
$sql = "SELECT uidUsers FROM users WHERE uidUsers=?";
$stmt = mysqli_stmt_init($conn);
if (!mysqli_stmt_prepare($stmt, $sql)) {
header("Location: ../register.php?error=sqlerror");
exit();
} else {
mysqli_stmt_bind_param($stmt, "s", $username);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);
$resultCheck = mysqli_stmt_num_rows($stmt);
if ($resultCheck > 0) {
header("Location: ../register.php?error=usertaken&mail=".$email);
exit();
} else {
$sql = "INSERT INTO users (uidUsers, emailUsers, pwdUsers) VALUES (?, ?, ?)";
$stmt = mysqli_stmt_init($conn);
if (!mysqli_stmt_prepare($stmt, $sql)) {
header("Location: ../register.php?error=sqlerror");
exit();
} else {
$hashed = password_hash($pw, PASSWORD_DEFAULT);
mysqli_stmt_bind_param($stmt, "sss", $username, $email, $hashed);
mysqli_stmt_execute($stmt);
header("Location: ../register.php?register=success");
exit();
}
}
}
}
mysqli_stmt_close($stmt);
mysqli_close($conn);
} else {
header("Location: ../register.php");
exit();
}
?>login.inc.php
Hier sagt er immer egal was ich eingebe Passwort ist falsch!
PHP
<?php
if (isset($_POST['login-submit'])) {
require 'dbh.inc.php';
$mailuid = $_POST['email'];
$password = $_POST['pw'];
$sql = "SELECT * FROM users WHERE uidUsers=? OR emailUsers=?;";
$stmt = mysqli_stmt_init($conn);
if (!mysqli_stmt_prepare($stmt, $sql)) {
header("Location: ../index.php?error=sqlerror");
exit();
} else {
mysqli_stmt_bind_param($stmt, "ss", $mailuid, $mailuid);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
if ($row = mysqli_fetch_assoc($result)) {
$pwdCheck = password_verify($password, $row['pwdUsers']);
if ($pwdCheck == false) {
header("Location: ../index.php?error=wrongpwd");
exit();
} else if ($pwdCheck == true) {
session_start();
header("Location: ../index.php?login=seccest");
exit();
}
}
}
} else {
header("Location: ../index.php");
exit();
}
?>
