Using Salt To Encrypt Password PHP
Question
Here is my code,
<?php
function($string){
$salt = "@x5v";
$hash = sha1(md5($salt.$string)).md5($string).sha1(md5($string));
return $hash;
}
?>
<?php
print "<center>";
if(isset($_POST['username'])){
echo 'Variable is set and I can use it!';
}
$Username = $_POST["username"];
$Password = md5($_POST["password.$hash"]);
$Email = $_POST["email"];
?>
I think it's this line causing the problem:
$Password = md5($_POST["password.$hash"]);
What would be the correct syntax to pass the users password into the database, encrypted with the string I defined above?
2 answers
solution1
2 ACCPTED 2012-11-19 10:04:23
I think it's this line causing the problem:
$Password = md5($_POST["password.$hash"]);
What you are doing here is incorrect. It should be:
$Password = md5($_POST["password"] . $hash);
What you were doing is actually indexing in to $_POST with a key that would have ended up something like 'password.fdg858fug83u5g5'.
solution2
0 2012-11-19 09:06:35
I recommend this library instead of rolling your own solution:
http://www.openwall.com/phpass/
Here's an article that explains how to use it:
http://sunnyis.me/blog/secure-passwords/
You should read this StackOverflow answer too:
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.