Newbie here. I'm trying to encrypt the user password using SHA-256 after they've made their account and then when the user tries to log in, it will try to match their input with any of the encrypted passwords in the mysql database. I was wondering if someone could give me an example code?
使用SHA-256加密创建和检索密码的php命令是什么?
- 写回答
- 好问题 0 提建议
- 追加酬金
- 关注问题
分享- 邀请回答
-
2条回答 默认 最新
- drqj8605 2011-04-19 06:55关注
Hashing works one-way, so you cannot really 'retrieve' what you have hashed.
When you save the password on registration, use something like this:
$hash=hash('sha256', $password);And only save
$hashin the database. When the user tries to log in, hash the password he tries to use and compare it to the one in the database (hashing will always give the same result for the same input). If they are the same, he can be logged in (if all additional checks are satisfied).If you want to let the user recover his forgotten pass, refer to this earlier question.
Also, the best practice in hashing passwords is to use some kind of
salt, which is out of the scope of this question, but please google it.本回答被题主选为最佳回答 , 对您是否有帮助呢?解决 无用评论 打赏举报 分享
- 2011-04-19 06:49回答 2 已采纳 Hashing works one-way, so you cannot really 'retrieve' what you have hashed. When you save the pa
- 2014-07-14 08:14回答 2 已采纳 Apart from the order being swapped, it looks like in PHP you're treating the salt value as a liter
- 2014-11-28 17:23回答 1 已采纳 You're inserting raw binary garbage. That will naturally (and semi-randomly) contain SQL metachata
- 2021-04-21 19:56紫木祀水的博客 RS256 (采用SHA-256 的 RSA 签名) 是一种非对称算法, 它使用公共/私钥对: 标识提供方采用私钥生成签名, JWT 的使用方获取公钥以验证签名。由于公钥 (与私钥相比) 不需要保护, 因此大多数标识提供...
- 2014-06-11 14:15回答 1 已采纳 If you use hash() and base64 encode once you get the same result. $s = 'abcd123ABCD00-4000'; $sig
- 2012-08-09 21:14回答 4 已采纳 If you are referring to a hexadecimal string output, then yes, that is case insensitive. It is a
- 2022-02-14 15:58回答 2 已采纳 import java.io.UnsupportedEncodingException; import java.security.MessageDigest; import java.securit
- 2021-03-22 23:45MMMEY的博客 之间的区别加密和认证,为什么你想认证加密而不仅仅是加密.要实现经过身份验证的加密,您需要对MAC进行加密。加密和认证的顺序是非常重要的!这个问题的现有答案之一犯了这个错误;许多用PHP编写的密码库也是如此。...
- 2010-07-29 17:22回答 1 已采纳 I'd guess you should pass the raw data, not an hexadecimal representation of it. I say this becaus
- 2013-12-06 20:58回答 2 已采纳 Solved. It was a problem with character codes. Instead of this: var text = "\x00\x44\xb0\x2c\x0b"
- 2023-03-20 18:20回答 1 已采纳 现在sha-1因为可以人为碰撞造假,所以普遍被淘汰了。
- 2021-03-16 23:55weixin_39727706的博客 本问题已经有最佳答案,请猛点这里...我想用sha512。$con=mysqli_connect("localhost","root","","users");// Check connectionif (mysqli_connect_errno()){echo"Failed to connect to MySQL:" . mysqli_connect...
- 2015-05-11 08:22回答 2 已采纳 Here is the code that worked in the end: // Get the certificate file and read the key $pubKey = o
- 2021-03-18 00:27美界柯南的博客 然后,该盐前缀为输入密码的SHA-512,组合的字符串再次为SHA-512,其实现方式如下:String password = testpwd.getText().toString();SecureRandom rand = new SecureRandom();byte[] randbytes = new byte[16];...
- 2021-04-29 01:41唐文成的博客 本问题已经有最佳答案,请猛点这里...比如盐渍加密等,我不太明白,所以简单的解释会很有帮助。这就是我目前所知道的。用户登录时输入用户名和密码。然后输入经过一个过程。假设用户名和密码组合如下:$username = (...
- 没有解决我的问题, 去提问
