如何将密码哈希与PDO结合使用以使代码更安全？

我的代码实际上可以正常工作，但是它不是绝对安全的，我不想使用MD5，因为它不是那么安全。我一直在查找密码哈希，但不确定如何将其合并到代码中。

登录：

require_once DIR.'/config.php'; session_start();

$dbh = new PDO('mysql:host=' . DB_HOST . ';dbname=' . DB_USERNAME, DB_USERNAME, DB_PASSWORD);

$sql = "SELECT * FROM users WHERE username = :u AND password = :p"; $query = $dbh->prepare($sql); // prepare $params = array(":u" => $_POST['username'], ":p" => $_POST['password']); $query->execute($params); // execute

$results = $query->fetchAll(); // then fetch

//hash passwords pls

if (count($results) > 0 ){ $firstrow = $results[0]; $_SESSION['username'] = $firstrow['username']; echo "Hello $username you have successfully logged in"; //header ("location:.php"); } else{ echo "Login Has Failed"; return; } 寄存器：

$dbh = new PDO('mysql:host=' . DB_HOST . ';dbname=' . DB_USERNAME, DB_USERNAME, DB_PASSWORD);

$username = $_POST["username"]; $email = $_POST["email"]; $password = $_POST["password"];

$stmt = $dbh->prepare("insert into users set username='".$username."', email='".$email."', password='".$password."' "); $stmt->execute(); echo "

Thank you, you are registered