Newbie here. I'm trying to encrypt the user password using SHA-256 after they've made their account and then when the user tries to log in, it will try to match their input with any of the encrypted passwords in the mysql database. I was wondering if someone could give me an example code?
2条回答 默认 最新
- drqj8605 2011-04-19 06:55关注
Hashing works one-way, so you cannot really 'retrieve' what you have hashed.
When you save the password on registration, use something like this:
$hash=hash('sha256', $password);
And only save
$hash
in the database. When the user tries to log in, hash the password he tries to use and compare it to the one in the database (hashing will always give the same result for the same input). If they are the same, he can be logged in (if all additional checks are satisfied).If you want to let the user recover his forgotten pass, refer to this earlier question.
Also, the best practice in hashing passwords is to use some kind of
salt
, which is out of the scope of this question, but please google it.本回答被题主选为最佳回答 , 对您是否有帮助呢?解决 无用评论 打赏 举报