cakephp不哈希密码相同
[英]cakephp not hashing passwords the same
问题描述
I'm trying to write a password reset function for my site in CakePHP. 
我正在尝试在CakePHP中为我的站点编写密码重置功能。 I've tried using $auth->hashPasswords , $auth->password , and even Security::hash , but nothing is hashing it correctly. 我试过使用$auth->hashPasswords , $auth->password ,甚至是Security::hash ,但是没有什么可以正确地对其进行哈希处理。 I tried logging in with foobar, noting the hash used to try and log in: cfb9fabf02497f9090cbba6b03da4764212cea407 , 我尝试使用foobar登录,并注意到用于尝试登录的哈希值: cfb9fabf02497f9090cbba6b03da4764212cea407 ,
but the reset makes foobar hashed into 5f4bb4b693725cea09cc7fc20603273f665534d8 . 但是重置会使foobar散列到5f4bb4b693725cea09cc7fc20603273f665534d8 。
What am I doing wrong? 我究竟做错了什么?
my code: 我的代码:
$this->data['Player']['password'] = $this->Auth->password($this->data['Player']['password']);
$this->Player->save($this->data);
1 个解决方案
解决方案1
5 已采纳 2012-01-05 20:57:17
The problem is, if you have a 'username' and 'password' field (in CakePHP 1.3 or prior), the field called "password" gets automatically hashed. 问题是,如果您有一个“用户名”和“密码”字段(在CakePHP 1.3或更低版本中),则名为“密码”的字段会自动进行哈希处理。 So when you do it manually, you're actually hashing it twice. 因此,当您手动执行此操作时,实际上是对其进行了两次哈希处理。
You can either rename it to something else like "password1", "mypass", "toiletpaper"...etc, which would keep it from being auto-hashed, or you can remove your additional hash. 您可以将其重命名为“ password1”,“ mypass”,“ toiletpaper”等其他名称,以免使其自动散列,也可以删除其他哈希。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.