PHP Yii2密码加密

Need help because i'm still new to Yii2. I want to encrypt the password before saving it to the database. So i'm using sha1 but the problem is that the password field in the form has contents when i apply this line of code in the controller shown below.

$model->password = sha1($model->attributes['password']);

This is the Controller create method:

public function actionCreate()
{
    $model = new Employeeinformation();

    //$model->password = sha1($model->attributes['password']);

    $model->created_date = date('Y-m-d H:i:s');

    if ($model->load(Yii::$app->request->post()) && $model->save()) {
        return $this->redirect(['view', 'id' => $model->employee_id]);
    } else {
        return $this->render('create', [
            'model' => $model,
        ]);
    }
}

This is the form:

<div class="employeeinformation-form">

<?php $form = ActiveForm::begin(); ?>

<?= $form->field($model, 'employee_id')->textInput(['minlength' => true, 'maxlength' => true]) ?>

<?= $form->field($model, 'password')->passwordInput(['maxlength' => true]) ?>

<?= $form->field($model, 'last_name')->textInput(['maxlength' => true]) ?>

<?= $form->field($model, 'first_name')->textInput(['maxlength' => true]) ?>

<?= $form->field($model, 'hired_date')->widget(\yii\jui\DatePicker::classname(), [
    'language' => 'en',
    'dateFormat' => 'yyyy-MM-dd',
]) ?>



<div class="form-group">
    <?= Html::submitButton($model->isNewRecord ? 'Create' : 'Update', ['class' => $model->isNewRecord ? 'btn btn-success' : 'btn btn-primary']) ?>
</div>

<?php ActiveForm::end(); ?>

Screenshot of my problem:

http://i.imgur.com/YTDW1Ud.png

Thank you in advance.

展开全部

写回答
好问题 0 提建议
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

6条回答默认最新

关注

码龄粉丝数原力等级 --

被采纳

被点赞

采纳率
doumaque6551 2015-09-02 19:19
关注
I want to encrypt the password before saving it to the database.

No you don't. Well, you might think you want to encrypt the password, but if you're trying to protect users you actually want to hash the password, not encrypt it.

SHA1 doesn't provide encryption, it's a hash function. This is a very common misconception. You can learn more about basic cryptography terms and concepts at the linked blog post.

More importantly: You don't want a fast hash like SHA1 for passwords. Use password_hash() and password_verify() and you'll have secure password storage. You don't even need to particularly care what these functions do internally to use them correctly.

public function actionCreate() { $model = new Employeeinformation(); $post = Yii::$app->request->post(); if ($model->load($post)) { $model->password = password_hash($model->password, PASSWORD_DEFAULT); $model->created_date = date('Y-m-d H:i:s'); if ($model->save()) { return $this->redirect(['view', 'id' => $model->employee_id]); } } return $this->render('create', [ 'model' => $model, ]); }

When employees login, you just need to do this:

if (password_verify($request->password, $storedEmployeeData->hashed_password)) { // Success }
本回答被题主选为最佳回答 , 对您是否有帮助呢?

解决无用
评论打赏
分享
举报
编辑

预览
轻敲空格完成输入
显示为

卡片

标题

链接
评论

按下Enter换行，Ctrl+Enter发表内容

查看更多回答(5条)

编辑

预览

报告相同问题？

关注问题

Yii密码加密 php
2015-05-02 15:19

回答 2 已采纳 You are making one mistake of not handling errors, and this is why you cannot understand why this
如何在yii2中隐藏php警告？ php
2016-06-28 03:32

回答 4 已采纳 This can be achieved by changing two parameters in index.php file. 1) Setting YII_DEBUG to false
Yii2 GridView CheckboxColumn php
2018-06-07 10:52

回答 1 已采纳 it should be '\kartik\grid\CheckboxColumn' rather than '\kartik\grid\checkboxColumn' you must be w
php yii2验证密码登录,Yii2用户密码加密后验证问题
2021-04-29 23:23

emi0wb的博客使用Yii2框架，密码字段为pass，rules中设定的pass长度范围为6-20；原密码为123456789，校验通过没有问题，hash后存入数据库，hash后的值肯定超过范围了。此时pass字段值为hash后的值，没有保存原密码，不可逆加密。...
Yii2 - 在adminlte left.php布局中声明$ variable的地方 php
2018-10-11 02:20

回答 1 已采纳 Honestly i'am not sure what the actual question is exactly about, but since you talk about menu le
Yii2日期范围搜索 mysql php
2017-04-06 08:30

回答 2 已采纳 your query is joined with client and both models has created_at field. you can set alias for curre
控制台Yii2中的runAction模块 php
2017-11-27 07:15

回答 2 已采纳 Ok i found a solution but remember that the structure you desired isn't a good solution. Becouse y
php yii2框架普查平台
2020-10-30 04:22

Yii2框架是PHP开发中的一个高性能、基于组件的框架，专为快速开发现代Web应用程序而设计。这个"php yii2框架普查平台"项目很可能是用来构建一个用于数据收集和分析的在线系统，例如社区调查或者市场研究平台。在Yii...
Yii2登录无密码验证 php
2016-09-06 09:51

回答 2 已采纳 Login & Session in Yii 2 is managed by \yii\web\User class This class is accessible in the applica
Yii2在ActiveForm中包含datetimepicker php
2019-01-18 03:10

回答 1 已采纳 If i understand correctly you are asking about using the widget with the model rather than calling
如何在yii2中包含新的php文件/类？ php
2017-08-12 21:59

回答 1 已采纳 You are using the wrong access to yii2 components In yii2 you should use $app Yii::$app->-
Yii 实现数据加密和解密的示例代码
2020-12-19 23:55

本文将详细讲解如何在Yii框架中实现数据加密和解密，以及密码的处理。首先，对于密码的处理，Yii提供了`generatePasswordHash()`和`validatePassword()`两个方法。`generatePasswordHash()`用于对密码进行加密，...
Yii2处理密码加密及验证的方法
2021-01-20 00:08

在Yii2中提供了密码加密以及验证的一系列方法，方便我们的使用，它使用的是bcrypt算法。查看源码我们可以发现它使用的是PHP函数password_hash()和crypt()生成。加密： /** * $password 要加密的密码 * $hash ...
Yii2框架可逆加密简单实现方法
2020-12-19 19:19

Yii2作为一款流行的PHP框架，提供了强大的安全功能，包括数据的加密与解密。本文将详细介绍如何在Yii2框架中实现可逆加密，以及加密解密的基本原理。首先，让我们了解可逆加密的概念。可逆加密，顾名思义，是指...
Yii2 框架、PHP框架
2021-03-16 07:27

- 对敏感数据进行加密存储，如密码哈希。 - 开启XSS防护，避免跨站脚本攻击。 - 避免SQL注入，使用查询构建器或ActiveRecord。 - 定期更新Yii2 和其依赖库，修复可能的安全漏洞。 Yii2 框架凭借其高效、易用和强大...
没有解决我的问题, 去提问

PHP Yii2密码加密

6条回答 默认 最新

6条回答默认最新