[英]String comparison not working using php
Source of all of the follwoing lines : http://www.the-art-of-web.com/php/blowfish-crypt/ 所有关注行的来源: http : //www.the-art-of-web.com/php/blowfish-crypt/
I use this method to check if my server accepts blowfish crypting : 我使用这种方法来检查我的服务器是否接受河豚加密:
if(defined("CRYPT_BLOWFISH") && CRYPT_BLOWFISH) echo "CRYPT_BLOWFISH is enabled!<br>";
And that's ok : 没关系:
CRYPT_BLOWFISH is enabled!
CRYPT_BLOWFISH已启用!
I use this method to build a blowfish salt 我用这种方法来制作河豚盐
function getBlowFishSalt() {
$salt = "";
$salt_chars = array_merge(range('A','Z'), range('a','z'), range(0,9));
for($i=0; $i < 22; $i++) {
$salt .= $salt_chars[array_rand($salt_chars)];
}
return ($salt);
}
And that's ok . 没关系。 I uses the following
我使用以下
ZTbCMA3q8QY3A9a6E13JSn
ZTbCMA3q8QY3A9a6E13JSn
I use the following method to crypt password : 我使用以下方法来加密密码:
function crypt_blowfish($input, $salt, $rounds = 12) {
return crypt($input, sprintf('$2a$%02d$', $rounds) . $salt);
}
using these steps : 使用以下步骤:
$salt = "ZTbCMA3q8QY3A9a6E13JSn";
$password = "just_a_password";
print($password . " crypted as : <input type='text' size='80' value='" . crypt_blowfish($password, $salt) . "'><br>");
I get the following hashed password : 我得到以下哈希密码:
$2a$12$ZTbCMA3q8QY3A9a6E13JSe7pxGA6JsO.ksFGGeayxWXhcJalJ5ytm
$ 2A $ 12 $ ZTbCMA3q8QY3A9a6E13JSe7pxGA6JsO.ksFGGeayxWXhcJalJ5ytm
Then I try to compare things : 然后我尝试比较一下:
$hashedPassword = "$2a$12$ZTbCMA3q8QY3A9a6E13JSe7pxGA6JsO.ksFGGeayxWXhcJalJ5ytm";
if (crypt_blowfish("just_a_password", $salt) == $hashedPassword)
print ("just_a_password" . "recognized<br>");
else
print ("just_a_password" . " ---------- " . crypt_blowfish("just_a_password", $salt) . " ------------- " ." ko<br>");
if (crypt_blowfish("just_a_password", $salt) === $hashedPassword)
print ("just_a_password" . "recognized<br>");
else
print ("just_a_password" . " ---------- " . crypt_blowfish("just_a_password", $salt) . " ------------- " ." ko<br>");
if (strcmp(crypt_blowfish("just_a_password", $salt), $hashedPassword) == 0)
print ("just_a_password" . "recognized<br>");
else
print ("just_a_password" . " ---------- " . crypt_blowfish("just_a_password", $salt) . " ------------- " ." ko<br>");
But none of these returns me a OK result. 但是这些都不给我一个好的结果。 On screen and into the HTML code, the strings are exactly the same, so I don't understand why the php code do not recognize these as the same.
在屏幕上和HTML代码中,字符串完全相同,因此我不理解为什么php代码无法将它们识别为相同的字符串。
Can you help me ? 你能帮助我吗 ?
Oliver, 奥利弗,
I think I figured out your problem, when you use double quotes, php interprets strings with $ as being variables. 我想我已经解决了您的问题,当您使用双引号时,php将$解释为变量的字符串。 If you change
如果你改变
$hashedPassword = "$2a$12$ZTbCMA3q8QY3A9a6E13JSe7pxGA6JsO.ksFGGeayxWXhcJalJ5ytm";
print($hashedPassword);
to: 至:
$hashedPassword = '$2a$12$ZTbCMA3q8QY3A9a6E13JSe7pxGA6JsO.ksFGGeayxWXhcJalJ5ytm';
print($hashedPassword);
your code should start working. 您的代码应开始工作。
You can see the difference with the print statements. 您可以看到与print语句的区别。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.