我将表单中的数据发布到此逻辑以注册用户。我的问题是,如何在这个逻辑中将发布到$userpw变量的信息传递给令牌,然后将令牌内容作为用户密码插入db。我对php很陌生,请对我宽容一点。我是不是应该把insert语句改成包含token变量而不是userpw变量?
//---sanitize function on a different file.
require 'sanitize.php';
//-------------variables including the hashed token--------------
$userid = $username= $userpw = $userfname = $userlname = '';
$salt = "qm&h*";
$pepper = "pg!@";
$token = hash('ripemd128', "$salt$userpw$pepper");
//--------existing insert logic-------------
if (isset($_POST['user_name']) &&
isset($_POST['user_pw']) &&
isset($_POST['user_fname']) &&
isset($_POST['user_lname']))
{
$username = sanitizeString($_POST['user_name']);
$userpw = sanitizeString($_POST['user_pw']);
$userfname = sanitizeString($_POST['user_fname']);
$userlname = sanitizeString($_POST['user_lname']);
$query = "INSERT INTO users (user_name, user_pw, user_fname, user_lname) VALUES" .
"('$username', '$userpw', '$userfname', '$userlname')";
$result = $conn->query($query);
if (!$result) echo "INSERT failed: $query<br>" .
$conn->error . "<br><br>";
1条答案
按热度按时间7vux5j2d1#
根据注解,这是正确的更改: