dongmeng1875 2013-05-11 09:26
浏览 64

使用md5散列密码

i want to hash the registered password in the database using MD5 and the same thing when login but the problem is that in the register process the password get hashed but in the login the system work as this is incorrect password

register.php

 //ADD MD5 hash to the password 
       $db_pass=md5($pass1);
//************Insert all the user's input to the database**************************//
$query = mysql_query("INSERT INTO user(user_name, first_name, last_name, governorate,
 district, village, birth_date, email_address, specialization, password, 
 registered_date)VALUES('$username', '$firstname', '$lastname', '$governorate',
 '$district', '$village', '$bdate', '$email', '$specialization', '$db_pass', 
 now())") or die("could not insert data");

login.php

$pass = md5($pass);

$sql=mysql_query( "SELECT user_id, email_address, first_name, user_name FROM user 
WHERE email_address='$email'
AND password='$pass'LIMIT 1") or die("error in user table");
  • 写回答

2条回答 默认 最新

  • dongtiao2976 2013-05-11 09:34
    关注

    You shouldn't be using MD5. It is insecure and it is waaaaay too fast for you to be using it for the purpose of password hashing (look at the Wiki page for Brute-force attacks if you don't understand why using a fast password hashing algorithm is a bad idea). You should look into using something like Bcrypt.

    You can use Bcrypt via the crypt function.

    $userPassword = 'testpassword';
$hashed = crypt($userPassword, '$2a$15$usesomesillystringforsalt$');
echo $hashed;

    As somebody mentioned above, ircmaxell has a pretty good library available on github. The library is forwards-compatible with the password_hash function, which will be available in PHP 5.5 (currently in BETA).

    评论

报告相同问题?

悬赏问题

  • ¥20 win11修改中文用户名路径
  • ¥15 win2012磁盘空间不足,c盘正常,d盘无法写入
  • ¥15 用土力学知识进行土坡稳定性分析与挡土墙设计
  • ¥70 PlayWright在Java上连接CDP关联本地Chrome启动失败,貌似是Windows端口转发问题
  • ¥15 帮我写一个c++工程
  • ¥30 Eclipse官网打不开,官网首页进不去,显示无法访问此页面,求解决方法
  • ¥15 关于smbclient 库的使用
  • ¥15 微信小程序协议怎么写
  • ¥15 c语言怎么用printf(“\b \b”)与getch()实现黑框里写入与删除?
  • ¥20 怎么用dlib库的算法识别小麦病虫害