PHP MD5 为不同的输入返回相同的哈希值
[英]PHP MD5 returning same hash for different input
问题描述
I want to create kinda authentication system for my site, but I encountered problem with MD5 function - it's not working correctly, look at snippet below:
我想为我的网站创建一种身份验证系统,但我遇到了 MD5 功能的问题 - 它无法正常工作,请查看下面的代码片段:
$valid_request = 0;
$login = "";
$passwordMD5 = "";
$hardwareidMD5 = "";
$hash1 = "";
$hash2 = "";
// a - username
// b - hardwareid md5 hash
// c - password md5 hash
// d - hash of (a+b+c)
// e - hash of (a+b+c+d)
if(isset($_GET['a']) && isset($_GET['b']) && isset($_GET['c'])
&& isset($_GET['d']) && isset($_GET['e']) )
{
$login = $_GET['a'];
if(strlen($login) <= 32 && strlen($login) >= 1 && isValid($login,1) === 1)
{
$passwordMD5 = $_GET['b'];
if(strlen($passwordMD5) === 32 && isValid($passwordMD5,2) === 1)
{
$hardwareidMD5 = $_GET['c'];
if(strlen($hardwareidMD5) === 32 && isValid($hardwareidMD5,2) === 1)
{
$valid_request = 1;
$hash1 = MD5($login+$passwordMD5+$hardwareidMD5);
$hash2 = MD5($login+$passwordMD5+$hardwareidMD5+$hash1);
echo "HASH1: $hash1\n"."HASH2: $hash2\n";
}else $valid_request = 0;
}else $valid_request = 0;
}else $valid_request = 0;
}else
$valid_request = 0;
problem is in this lines:问题出在这一行:
$hash1 = MD5($login+$passwordMD5+$hardwareidMD5);
$hash2 = MD5($login+$passwordMD5+$hardwareidMD5+$hash1);
echo "HASH1: $hash1\n"."HASH2: $hash2\n";
it's always printing twice same md5, page source looks like this:它总是打印两次相同的 md5,页面源如下所示:
HASH1: cfcd208495d565ef66e7dff9f98764da
HASH2: cfcd208495d565ef66e7dff9f98764da
1 个解决方案
解决方案1
3 2015-09-04 13:40:04
The problem is that you are trying to concatenate the argument of the md5 functions with + instead of .问题是您试图将 md5 函数的参数与+而不是. . .
But if you allow me, I would like to suggest to you not to use the md5 for passwords anymore.但是如果你允许我,我想建议你不要再使用 md5 作为密码了。 Use sha256 instead.Here is a link to the explanation: Reasons why SHA512 is superior to MD5改用 sha256。这里是解释的链接: 原因 SHA512 优于 MD5
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.