PDO中的哈希密码错误/通知 [英] Hash Password in PDO Error/Notice

查看:123
本文介绍了PDO中的哈希密码错误/通知的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

如果运行此命令,则会出现以下错误:

If I run this I get the following error:

注意:仅变量应通过引用在第11行的/var/www/interface/register.php中传递 成功

Notice: Only variables should be passed by reference in /var/www/interface/register.php on line 11 Success

我不知道该如何解决.它仍然成功,并且数据在数据库中进行了哈希处理,但是我不希望收到此通知.

I dont know how to fix that. It's still successful and the data is hashed in the database, but I don't want this notice.

$sql = " INSERT INTO users (username, password) VALUES (:username, :password)";
    $stmt = $conn->prepare($sql);

    $stmt->bindParam(':username', $_POST['username']);
    $stmt->bindParam(':password', password_hash($_POST['password'], PASSWORD_BCRYPT));


    if ($stmt->execute()) :
        die('Success');
    else:
        die('Fail');
    endif;

谢谢.

推荐答案

您不能在

You cannot do password_hash($_POST['password'], PASSWORD_BCRYPT) inside bindParam, because password_hash returns a string, do:

$password = password_hash($_POST['password'], PASSWORD_BCRYPT);
$stmt->bindParam(':password', $password);

如果您希望保留这些值,请使用 bindValue :

If you wish to leave the values there use bindValue:

$stmt->bindValue(':username', $_POST['username']);
$stmt->bindValue(':password', password_hash($_POST['password'], PASSWORD_BCRYPT));

因为它允许引用作为变量.

because it allows varibles by reference.

bindParam 期望变量或const不能是原始类型,例如字符串或int,...,显式(例如:"some_hardcoded_string")也不可以是函数返回此类型之一.

bindParam expects a variable or const it can't be a primitive type such as a string or an int, ..., explicitly (ex: "some_hardcoded_string") neither can it be a function that returns one of this types.

bindValue 可以接收引用和原始类型作为参数.

bindValue can receive references and primitive types as an argument.

两个示例:

$query->bindParam(':user', $user, PDO::PARAM_STR);

$query->bindValue(':pass', sha1($password), PDO::PARAM_STR);

SHA1是一个返回值,它可以是数字12345(为方便起见,请假设此示例)

SHA1 is returns a value, it could be a number 12345 (let's say for the sake of the example)

$query->bindValue(':pass', 12345, PDO::PARAM_STR);

或字符串.

$query->bindValue(':pass', 'hashed_password', PDO::PARAM_STR);

已回答的问题:

retated questions:

  • Strict Standards: Only variables should be passed by reference in m_auth
  • PDO pass by reference notice?
  • Strict Standards: Only variables should be passed by reference

这篇关于PDO中的哈希密码错误/通知的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
PHP最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆