[英]bCrypt fetch password from database ( PDO, PHP )
I'm currently switching from md5 to bcrypt and i'm able to set the bcrypt has into the database with the following code. 我目前正在从md5切换到bcrypt,并且可以使用以下代码将bcrypt设置为数据库。
public function User_Registration($_iPassword, $_iEmail, $_iUsername) {
$sth = $this->db->prepare("SELECT _iD FROM users WHERE _iUsername = :username OR _iEmail = :email");
$sth->execute(array(':username' => $_iUsername, ':email' => $_iEmail ));
$row = $sth->fetch(PDO::FETCH_ASSOC);
$_iD = $row['_iD'];
if ($sth->rowCount() == 0) {
$salt = substr(str_replace('+', '.', base64_encode(sha1(microtime(true), true))), 0, 22); // create a random salt
$hash = crypt($_iPassword, '$2a$12$' . $salt); // hash incoming password - this works on PHP 5.3 and up
$sth = $this->db->prepare("INSERT INTO users(_iPassword,_iEmail,_iUsername) VALUES ( :hash_pass, :email, :username)");
$sth->bindValue(":hash_pass", $hash);
$sth->bindValue(":email", $_iEmail);
$sth->bindValue(":username", $_iUsername);
$sth->execute();
$sth = $this->db->prepare("SELECT _iD FROM users WHERE _iUsername = :username");
$sth->execute(array(':username' => $_iUsername));
$me = "me";
$sth = $this->db->prepare("INSERT INTO friends (friend_one,friend_two,role) VALUES ( :uid, :uid1, :me )");
$sth->bindValue(":uid", $row['_iD']);
$sth->bindValue(":uid1", $row['_iD']);
$sth->bindValue(":me", $me);
$sth->execute();
} else {
return false;
}
}
but I unable to fetch the data back from the database, I'm currently using the following code to fetch the user login information : 但是我无法从数据库中获取数据,我目前正在使用以下代码来获取用户登录信息:
public function User_Login($_iUsername,$_iPassword) {
$md5_password = crypt($_iPassword);
$sth = $this->db->prepare("SELECT _iD FROM users WHERE _iUsername = :username AND _iPassword = :password AND _iStatus='1'");
$sth->bindValue(":username", $_iUsername);
$sth->bindValue(":password", $md5_password);
$sth->execute();
if ($sth->rowCount() == 1) {
$row = $sth->fetch(PDO::FETCH_ASSOC);
return $row['_iD'];
} else {
return false;
}
}
What would be the correct way to fetch the hash password back from MySQL.. any suggestions are much appreciated. 从MySQL取回哈希密码的正确方法是什么。
public function User_Login($_iUsername, $_iPassword) {
$sql = "SELECT _iD, _iPassword FROM users WHERE _iUsername = ? AND _iStatus=1";
$sth = $this->db->prepare($sql);
$sth->execute(array($_iUsername));
$row = $sth->fetch();
if ($row && crypt($_iPassword, $sth['_iPassword']) == $sth['_iPassword']) {
return $row['_iD'];
}
}
For future support, I have returned the crypted hash with the following code. 为了将来的支持,我用以下代码返回了加密的哈希值。
public function User_Login($_iUsername, $_iPassword) {
$sth = $this->db->prepare("SELECT _iD FROM users WHERE _iUsername = :username AND _iStatus='1'");
$sth->bindValue(":username", $_iUsername);
$sth->execute();
if ($sth->rowCount() == 1) {
$row = $sth->fetch(PDO::FETCH_ASSOC);
return $row['_iD'];
} else {
return false;
}
$sth = $query->fetch();
if (crypt($_iPassword, $sth['_iPassword']) == $sth['_iPassword']) {
header("location:index.php");
return $sth;
}
return false;
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.