使用php加密密码
[英]encrypting password using php
问题描述
I need to encrypt the password and store it in the db. 
我需要加密密码并将其存储在数据库中。 i have added a code "$newpass= md5($pass_word);" 我添加了代码“ $ newpass = md5($ pass_word);” in php file. 在php文件中。 but still its not working 但仍然无法正常工作
<?php
$hostname = "xxxx";
$username = "xxxx";
$password = "xxxx";
$dbName = "xxxx";
$user_name='';
$pass_word='';
$email='';
$errormsg='';
$subject='';
$message='';
$newpass='';
$conn = mysql_connect($hostname,$username,$password) or die(mysql_error());
mysql_select_db($dbName);
if(isset($_POST["submit"]))
{
$user_name=$_POST['usr'];
$address1=$_POST['addr1'];
$address2=$_POST['addr2'];
$pass_word=$_POST['pswd'];
$newpass= md5($pass_word);
$email=$_POST['email'];
if(empty( $user_name))
{
$errormsg='<br>enter the name S';
}
if(trim($address1)=="")
{
$errormsg="<br>entre the address1 S";
//echo $errormsg;
}
if(trim($address2)=="")
{
$errormsg="<br>entre the address2 S";
//echo $errormsg;
}
if(trim($pass_word)=="")
{
$errormsg="<br>entre the password S";
// echo $errormsg;
}
if(trim($email)=="")
{
$errormsg="<br> enter the email S";
// echo $errormsg;
}
$message="your username is".$user_name."your passwod is".$pass_word;
if(strlen($errormsg)==0)
{
mysql_query("INSERT INTO `xxx` ( `id` , `Name` , `Address1` , `Address2` , `password` , `email` )
VALUES (
'', '$user_name', '$address1', '$address2', '$newpass', '$email'
)")or die(mysql_error()); ;
echo $newpass;
echo "you have successfully registered ";
}
mail($email,$subject,$message);
}
?>
This is my php page. 这是我的php页面。
4 个解决方案
解决方案1
5
Something is likely wrong with your input, as the syntax is correct. 您输入的内容可能有问题,因为语法正确。 Though md5 hashing isn't a bad practice, it is relatively insecure on its own. 尽管md5哈希算是不错的做法,但它本身并不安全。 To add a small extra layer of security, I usually do something like this ( hash salting ): 为了增加一点额外的安全性,我通常会执行以下操作( 哈希盐化 ):
<?php
function md5_salted($string,$salt){
return md5( md5($string) . md5($salt) );
}
$salt = "wQfChpLYWFtiQV8d9Cao";
echo md5('userPassword'); // 221068207e125b97beb4e2d062e888b1
echo md5_salted('userPassword', $salt); // 07d9ffd0115e61fb22f857b7d252339c
?>
Worth noting: as others have stated, this is hashing, not encryption. 值得注意的是:正如其他人所说,这是散列,而不是加密。 If you're interested in encryption, investigate TLS/SSL . 如果您对加密感兴趣,请研究TLS / SSL 。
解决方案2
2 2009-07-23 13:16:50
Well, that would hash the password, not encrypt it. 好吧,这会哈希密码,而不是对其进行加密。 Hashing is probably what you actually wanted though. 散列可能是您真正想要的。
解决方案3
1 2009-07-23 13:18:44
First of all, md5 is not encryption, it's a hashing function (more in wikipedia ). 首先,md5不是加密,它是一个哈希函数(更多在Wikipedia中 )。 It could be used to quite safely store it in DB. 它可以用来非常安全地将其存储在数据库中。 But usage you've provided is fine, should work. 但是您提供的用法很好,应该可以使用。 You should elaborate on what does it mean "it's not working". 您应该详细说明“它不起作用”的含义。
This code: 这段代码:
<?php
$pass = 'secret';
$newpass = md5($pass);
echo $newpass;
?>
Outputs to: 输出到:
5ebe2294ecd0e0f08eab7690d2a6ee69
解决方案4
0 2009-07-23 13:36:33
Why don't you use the md5 function provided by the database (mysql) in the sql query: 为什么不在sql查询中使用数据库(mysql)提供的md5函数:
mysql_query("INSERT INTO `xxx` ( `id` , `Name` , `Address1` , `Address2` , `password` , `email` )
VALUES (
'', '$user_name', '$address1', '$address2', MD5('$pass_word'), '$email'
)")or die(mysql_error());
See also http://dev.mysql.com/doc/refman/5.1/en/encryption-functions.html#function_md5 另请参见http://dev.mysql.com/doc/refman/5.1/zh-CN/encryption-functions.html#function_md5
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.