如何在php5.3.0中使用sha256
问题描述:
我使用sha256来加密密码。我可以将sha256加密密码保存在mysql中。但是我不能用相同的条款登录。
I'm using sha256 to encrypt the password. I can save the sha256 encrypted password in mysql. But i can't login with the same clause.
插入代码:
Insert code:
<?php
error_reporting(E_ALL ^ E_NOTICE);
$username = $_POST['uusername'];
$passcode = $_POST['ppasscode'];
$userflag = $_POST['uuserflag'];
//$passcodeen = hash('sha256',$passcode);
$passcodeen = hash('sha256', (get_magic_quotes_gpc() ? stripslashes($ppasscode) : $ppasscode));
$conn = mysql_connect("localhost","charles","charles") or die("connection failed with DB:".mysql_error());
mysql_select_db("sessiondb");
$query = "INSERT INTO users(username,passcode,userflag) values('$username','$passcodeen','$userflag')";
选择代码:
Select code:
<?php
error_reporting(E_ALL ^ E_NOTICE);
@mysql_connect("localhost","charles","charles") or die("Connection failed".mysql_error());
@mysql_select_db("sessiondb") or die("Database doesn't exist".mysql_error());
//get user input
$username = $_POST['username'];
$ppasscode = $_POST['ppasscode'];
//$passcodeen = hash('sha256', $ppasscode);
$passcodeen = hash('sha256', (get_magic_quotes_gpc() ? stripslashes($ppasscode) : $ppasscode));
//get session value from mysql
$query = @mysql_query("select username, userflag from users where username ='$username' and passcode = '$passcodeen'") or die("Query execution failed".mysql_error());
有什么问题吗?我很困惑。谢谢。
Is there something wrong? I'm very confused. Thanks.
答
这可能是一个错字吗? (ppasscode中的两个Ps,意图是什么?)
Could this be a typo? (two Ps in ppasscode, intended?)
$_POST['ppasscode'];
我会确认并执行:
I would make sure and do:
print_r($_POST);
并确保数据在那里是准确的,然后回显它应该是什么样子:
and make sure the data is accurate there, and then echo out what it should look like:
echo hash('sha256', $_POST['ppasscode']);
将此输出与数据库中的数据(手动)进行比较。通过这样做,您可以探索可能的失败点:
Compare this output to what you have in the database (manually). By doing this you're exploring your possible points of failure:
- 从表单中获取密码
- 散列密码
- 存储密码
- 比较两者。