doupu7651 2014-08-07 14:10
浏览 43

CodeIgniter使用passwordHash和passwordSalt登录

My question..The variable $salted returns a random UUID then md5's it.What I need for the login to work though is for the variable $salted to return the value of passwordSalt field in my database from the auth table that corresponds to t1.PrincipalID = t2.UUID .How do I give the variable $salted this value?

Basically how do i give a variable a value from my database without user input.Thank you.

code snippets..the essential part of my code.

my view...

<?php echo validation_errors(); ?>
<?php echo form_open('verifylogin'); ?>
<form>
    <input type="text" name="FirstName" placeholder="firstName">
    <input type="password" name="passwordHash" placeholder="Password">


    <input type="submit" name="login" class="login login-submit" value="Login">
</form></div>

my controller...

Function check_database($password)
{
    //Field validation succeeded.  Validate against database
    $firstName = $this->input->post('FirstName');
    $password = $this->input->post('passwordHash');




    //query the database
    $result = $this->users_model->login($firstName,$password);

    if($result)
    {
        $sess_array = array();
        foreach($result as $row)
        {
            $sess_array = array(
                'PrincipalID' => $row->PrincipalID,
                'FirstName' => $row->FirstName
            );
            $this->session->set_userdata('logged_in', $sess_array);
        }
        return TRUE;
    }
    else
    {
        $this->form_validation->set_message('check_database', 'Invalid username or password');
        return false;
    }
}

my model..

function login($firstName,$password)
{




     $salted  = sprintf('%s', md5(_uuid()));
     $hash = md5(md5($password) . ":" . $salted);

    $this->db->select('PrincipalID, FirstName')
        ->from('useraccounts AS t1, auth AS t2')
        ->where('t1.PrincipalID = t2.UUID')
        ->where('t1.FirstName', $firstName)
          ->where('t2.passwordHash', $hash);

    $this -> db -> limit(1);

    $query = $this -> db -> get();

    if($query -> num_rows() == 1)
    {
        return $query->result();
    }
    else
    {
        return false;
    }
}
  • 写回答

0条回答 默认 最新

    报告相同问题?

    悬赏问题

    • ¥15 关于#网络安全#的问题:求ensp的网络安全,不要步骤要完成版文件
    • ¥15 可否在不同线程中调用封装数据库操作的类
    • ¥20 使用Photon PUN2解决游戏得分同步的问题
    • ¥15 微带串馈天线阵列每个阵元宽度计算
    • ¥15 keil的map文件中Image component sizes各项意思
    • ¥20 求个正点原子stm32f407开发版的贪吃蛇游戏
    • ¥15 划分vlan后,链路不通了?
    • ¥20 求各位懂行的人,注册表能不能看到usb使用得具体信息,干了什么,传输了什么数据
    • ¥15 Vue3 大型图片数据拖动排序
    • ¥15 Centos / PETGEM