PHP Yii2密码加密

Need help because i'm still new to Yii2. I want to encrypt the password before saving it to the database. So i'm using sha1 but the problem is that the password field in the form has contents when i apply this line of code in the controller shown below.

$model->password = sha1($model->attributes['password']);

This is the Controller create method:

public function actionCreate()
{
    $model = new Employeeinformation();

    //$model->password = sha1($model->attributes['password']);

    $model->created_date = date('Y-m-d H:i:s');

    if ($model->load(Yii::$app->request->post()) && $model->save()) {
        return $this->redirect(['view', 'id' => $model->employee_id]);
    } else {
        return $this->render('create', [
            'model' => $model,
        ]);
    }
}

This is the form:

<div class="employeeinformation-form">

<?php $form = ActiveForm::begin(); ?>

<?= $form->field($model, 'employee_id')->textInput(['minlength' => true, 'maxlength' => true]) ?>

<?= $form->field($model, 'password')->passwordInput(['maxlength' => true]) ?>

<?= $form->field($model, 'last_name')->textInput(['maxlength' => true]) ?>

<?= $form->field($model, 'first_name')->textInput(['maxlength' => true]) ?>

<?= $form->field($model, 'hired_date')->widget(\yii\jui\DatePicker::classname(), [
    'language' => 'en',
    'dateFormat' => 'yyyy-MM-dd',
]) ?>



<div class="form-group">
    <?= Html::submitButton($model->isNewRecord ? 'Create' : 'Update', ['class' => $model->isNewRecord ? 'btn btn-success' : 'btn btn-primary']) ?>
</div>

<?php ActiveForm::end(); ?>

Screenshot of my problem:

http://i.imgur.com/YTDW1Ud.png

Thank you in advance.

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

6条回答默认最新

关注

码龄粉丝数原力等级 --

被采纳

被点赞

采纳率
doumaque6551 2015-09-03 03:19
关注
I want to encrypt the password before saving it to the database.

No you don't. Well, you might think you want to encrypt the password, but if you're trying to protect users you actually want to hash the password, not encrypt it.

SHA1 doesn't provide encryption, it's a hash function. This is a very common misconception. You can learn more about basic cryptography terms and concepts at the linked blog post.

More importantly: You don't want a fast hash like SHA1 for passwords. Use password_hash() and password_verify() and you'll have secure password storage. You don't even need to particularly care what these functions do internally to use them correctly.

public function actionCreate() { $model = new Employeeinformation(); $post = Yii::$app->request->post(); if ($model->load($post)) { $model->password = password_hash($model->password, PASSWORD_DEFAULT); $model->created_date = date('Y-m-d H:i:s'); if ($model->save()) { return $this->redirect(['view', 'id' => $model->employee_id]); } } return $this->render('create', [ 'model' => $model, ]); }

When employees login, you just need to do this:

if (password_verify($request->password, $storedEmployeeData->hashed_password)) { // Success }
本回答被题主选为最佳回答 , 对您是否有帮助呢?

解决无用
评论打赏
分享
举报

评论

按下Enter换行，Ctrl+Enter发表内容

查看更多回答(5条)

报告相同问题？

关注问题

PHP Yii2密码加密 php
2015-09-02 02:47

回答 6 已采纳 I want to encrypt the password before saving it to the database. No you don't. Well, you migh
Yii密码加密 php
2015-05-02 23:19

回答 2 已采纳 You are making one mistake of not handling errors, and this is why you cannot understand why this
如何在yii2中隐藏php警告？ php
2016-06-28 11:32

回答 4 已采纳 This can be achieved by changing two parameters in index.php file. 1) Setting YII_DEBUG to false
php yii2验证密码登录,Yii2用户密码加密后验证问题
2021-04-30 07:23

emi0wb的博客使用Yii2框架，密码字段为pass，rules中设定的pass长度范围为6-20；原密码为123456789，校验通过没有问题，hash后存入数据库，hash后的值肯定超过范围了。此时pass字段值为hash后的值，没有保存原密码，不可逆加密。...
Yii2 GridView CheckboxColumn php
2018-06-07 18:52

回答 1 已采纳 it should be '\kartik\grid\CheckboxColumn' rather than '\kartik\grid\checkboxColumn' you must be w
Yii2 - 在adminlte left.php布局中声明$ variable的地方 php
2018-10-11 10:20

回答 1 已采纳 Honestly i'am not sure what the actual question is exactly about, but since you talk about menu le
Yii2日期范围搜索 mysql php
2017-04-06 16:30

回答 2 已采纳 your query is joined with client and both models has created_at field. you can set alias for curre
Yii2处理密码加密及验证的方法
2021-01-20 08:08

在Yii2中提供了密码加密以及验证的一系列方法，方便我们的使用，它使用的是bcrypt算法。查看源码我们可以发现它使用的是PHP函数password_hash()和crypt()生成。加密： /** * $password 要加密的密码 * $hash ...
Yii2登录无密码验证 php
2016-09-06 17:51

回答 2 已采纳 Login & Session in Yii 2 is managed by \yii\web\User class This class is accessible in the applica
控制台Yii2中的runAction模块 php
2017-11-27 15:15

回答 2 已采纳 Ok i found a solution but remember that the structure you desired isn't a good solution. Becouse y
Yii2在ActiveForm中包含datetimepicker php
2019-01-18 11:10

回答 1 已采纳 If i understand correctly you are asking about using the widget with the model rather than calling
yii2使用sign签名认证
2021-11-30 13:46

yii2框架结合sign签名认证，PHP安全机制
如何在yii2中包含新的php文件/类？ php
2017-08-13 05:59

回答 1 已采纳 You are using the wrong access to yii2 components In yii2 you should use $app Yii::$app->-
yii2-xxtea:yii2 加密算法“XXTEA”的扩展
2021-06-27 00:38

yii2 加密算法“XXTEA”的扩展安装在composer.json ： { "require": { "rmrevin/yii2-xxtea": "1.2.0" } } 配置 /protected/config/main.php <? return array ( // ... 'components' => array ( // .....
php yii2验证密码登录,Yii2如何实现用户登陆
2021-04-30 07:23

勃特兰罗素的博客这两天空的时候，看了下Yii2，然后按照官方教程，安装了Yii2基础版。最开始的问题，无非就是注册登陆等功能了，果然，Yii2基础版并不像高级版一样，可以直接导入创建好的数据库，只有的静态登陆模型。然后简单修改了...
没有解决我的问题, 去提问

悬赏问题

¥15 执行 virtuoso 命令后，界面没有，cadence 启动不起来
¥50 comfyui下连接animatediff节点生成视频质量非常差的原因
¥20 有关区间dp的问题求解
¥15 多电路系统共用电源的串扰问题
¥15 slam rangenet++配置
¥15 有没有研究水声通信方面的帮我改俩matlab代码
¥15 ubuntu子系统密码忘记
¥15 信号傅里叶变换在matlab上遇到的小问题请求帮助
¥15 保护模式-系统加载-段寄存器
¥15 电脑桌面设定一个区域禁止鼠标操作

PHP Yii2密码加密

6条回答 默认 最新

悬赏问题

6条回答默认最新