So I have an account on my web application, when I try to change the password it redirects me to the error page and I can't figure out why. I want to change the password to one of the accounts.
dc7f3da29862d3d5b3d3cd32356659ea7e85ed032b9c5144f5
The password is stored as this (the password is only password
so I don't mind this being here)
{
$result = $this->User->editUser($id,$username, $email, $name, $surname, $phone, $hash);
if ($result == true)
{
$this->set('has_message',true);
$this->set('css_name','success');
$this->set('errors',"<p>User successfully updated.</p>");
$profile = $this->User->getUserbyid($id);
$this->set('profile',$profile);
$this->User->closeConnection();
}
else
{
$this->User->closeConnection();
$this->set('has_message',true);
$this->set('css_name','error');
$this->set('errors',"<p>Something went wrong please try again.</p>");
}
}
This is the code for editing a user account, I am new to PHP so please tell me if there is any more code you need...I am stuck trying to fix this error....and if possible I would just change the password in PHPMyAdmin instead as I don't mind if users cannot change their password.
Hash methods:
$salt = $this->create_salt_password($username);
$hash = $salt . $password;
for ( $i = 0; $i < 100000; $i ++ )
{
$hash = hash('sha256', $hash);
}
$hash = $salt . $hash;
And in config.php the salt
define('AUTH_SALT','wcRwGxDzULe?s3J%R^W@9)r}xfXpESul5hC,z^ze.oz*1E|ys,Bk,:Q/z_I&M9..');
and
public function create_salt_password($username)
{
/** Creates a hash value for the password using
a prefixed random unique identifier value with a static characters and the username
*/
$salt = hash('sha256', uniqid(mt_rand(), true) .AUTH_SALT .strtolower($username));
return $salt;
}
Login script:
$salt = substr($results->password, 0, 64);
$password = $salt . $password;
for ( $i = 0; $i < 100000; $i ++ )
{
$password = hash('sha256', $password);
}
If you want to change your password through phpmyadmin
, first find out which hashing method is used to store the password in the database (md5, sha1). Then generate the password using online hash tools like sha1-online.com or just get the hashed password using php script and save it to your database.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.