PHP登录注册（密码加密）

根据基本教程整理下的代码，代码目录如下（php小白，勿喷，小白共勉）

连接数据库php代码（conndb.php）

<?php
//conndb.php 连接数据库
	$servername = "localhost";
	$username = "root";
	$password = "lJPi1KOvGwwplD9o"; 
	$dbname = "database1";
	$port = "3306";

// 创建连接
	$conn = new mysqli($servername, $username, $password, $dbname);
// 检测连接
	if ($conn->connect_error) {
    	die("连接失败: " . $conn->connect_error);
	}

?>

注册html界面（register.html）

<form action="php/register.php" method="post">
			登录名：<input type="text" name="username" placeholder="登录名"/><br /> 
			密码：<input type="password" name="password" placeholder="密码" /><br /> 真实名字：
			<input type="text" name="truename" placeholder="真实名字" /><br /> 联系号码：
			<input type="tel" name="phone" placeholder="联系方式" /><br /> 地址：
			<input type="text" name="address" placeholder="地址" /><br /> 头像：
			<input type="text" name="imgpath" placeholder="头像" /><br />
			<input type="submit" name="submit" value="注册" />
		</form>

注册功能php代码（reigter.php）

<?php
	require "conndb.php";

	$username = $_POST['username'];
	$password = $_POST['password'];
//	密码加密
	$hashpwd = password_hash($password, PASSWORD_DEFAULT);
	echo "<script>console.log($hashpwd)</script>";
	
	$truename = $_POST['truename'];
	$phone = $_POST['phone'];
	$address = $_POST['address'];
	$imgpath = $_POST['imgpath'];
	
	//获取当前时间
//	$time = date("Y/m/d h:i:sa");
//	$time = date("Y-m-d h:i:sa");
//	$begintime = $time;
//	$changetime = $time;
	
//	判断是否已经存在将要注册的用户名
	$sqlsearch = "select * from user where username='$username'";
	$seresult = $conn->query($sqlsearch);
	if($seresult->num_rows>0){
		echo "该用户名已经存在，请输入其他用户名";
		header("Location:../register.html");
	}else{
		echo "没有该用户信息";
		$sqlinsert = "INSERT INTO user (username, password, truename, phone, address, imgpath) VALUES ('$username','$hashpwd','$truename','$phone','$address','$imgpath')";
		if ($conn->query($sqlinsert) === TRUE) {
    		echo "新记录插入成功";
    		header("Location:../login.html");
		} else {
    		echo "出错,重新注册 " . $sql . "<br>" . $conn->error;
    		header("Location:../register.html");
		}
	}

?>

登录界面html（login.html）

<!DOCTYPE html>
<html>

	<head>
		<meta charset="UTF-8">
		<title>登录</title>
		<script src="https://code.jquery.com/jquery-3.3.1.min.js"></script>
	</head>

	<body>
		<!--login.html界面-->
		<form action="php/login.php" method="post">
			登录名：<input type="text" name="username" placeholder="登录名" /><br /> 密码：
			<input type="password" name="password" placeholder="密码" /><br />
			<input type="submit" name="submit" value="登陆" />
		</form>
	</body>

</html>

注册功能php代码（login.php）

<?php
	require "conndb.php";
	if(isset($_POST["submit"]) && $_POST["submit"] == "登陆"){
		
		$username = $_POST['username'];
		$password = $_POST['password'];
	
//		登录功能,密码是明文，登录如下，因密码已经加密，故弃用
//		$sqllogin = "select * from user where username = '$username' and password = '$password'";
//		if($username == "" || $password == ""){
//			echo "<script>alert('用户名密码不能为空'); history.go(-1);</script>";
//		}else{
//			$result = mysqli_query($conn, $sqllogin);
//			$num = mysqli_num_rows($result);
//			if($num){
//				$row = mysqli_fetch_array($result, MYSQLI_NUM);
////				显示登录的用户名
////				echo $row[0];
////				跳转到主界面
//				header("Location:../index.html");
//			}else{
//				echo "<script>alert('用户名密码不正确');history.go;</script>";
//			}
//		}
		
		
		if($username == "" || $password == ""){
			echo "<script>console.log('用户名密码不能为空');history.go(-1);</script>";
		}else{
//			获取数据库密码hash值
			$userpwd = "select * from user where username = '$username'";
			$resultpwd = $conn->query($userpwd);
			$pwd = mysqli_fetch_array($resultpwd);
//			echo $pwd['password'] . "<br />";
			$hashpwd = $pwd['password'];
//			$hash = '$2y$10$5pvJcqeVIRTLPNMaesMT5OSr3vDFcehvV6pm8kZsIHJ34UBysFo/m';
			if (password_verify($password, $hashpwd)) {
			   	echo '密码正确';
			   	header("Location:../index.html");
			} else {
			   	echo '密码错误';
			   	echo "<script>console.log('密码错误');history.go(-1);</script>";
			}	
		}
	}
	else {
		echo "<script>alert('提交未成功'); history.go(-1);</script>";
	}
?>