[英]Database mysql hashing passwords
所以我正在嘗試 hash 從登錄表單中的數據庫中獲取一些密碼,當我第一次嘗試登錄時,它使用數據庫中的密碼然后我 hash 使用 MD5 然后當我回到登錄頁面時,我想輸入以前使用的密碼讓我登錄,但它更改為 MD5 密碼。 有什么解決方案可以讓數據庫中的 MD5 和我使用第一個登錄的方式登錄嗎?在此先感謝(smecher.j 是一個為 0 的變量)
public void validateLogin(){
DatabaseConnection connectNow = new DatabaseConnection();
DatabaseConnection connectNow2 = new DatabaseConnection();
Connection connectDB = connectNow.getConnection();
Connection connectDB2 = connectNow2.getConnection();
String verifyLogin = " SELECT count(1) FROM user_account WHERE username = '" + usernameTextField.getText() + "' AND password ='" + enterPasswordField.getText() +"'";
String insertFields3 = " UPDATE user_account SET password = MD5(password) WHERE username = '" + usernameTextField.getText() +"'";
try{
Statement statement = connectDB.createStatement();
Statement statement2 = connectDB2.createStatement();
ResultSet queryResult = statement.executeQuery(verifyLogin);
while(queryResult.next()){
if(queryResult.getInt(1)==1){
login1();
if(smecher.j==0) {
statement2.executeUpdate(insertFields3);
smecher.j++;
}
text1=enterPasswordField.getText();
}else{
loginMessageLabel.setText("Invalid login, please try again");
}
}
lol();
}catch(Exception e){
e.printStackTrace();
e.getCause();
}
}
public static String text1 = "";
public void lol() {
Connection conn = null;
Statement st = null;
ResultSet rs = null;
String dbUrl = "jdbc:mysql://localhost:3306/databaselol?autoReconnect=true&useSSL=false";
String dbUsr = "root";
String dbPass = "!Iloriana12";
try {
String sql = "SELECT password FROM user_account where username = '" + usernameTextField.getText() + "'";
Class.forName("com.mysql.cj.jdbc.Driver");
conn = DriverManager.getConnection(dbUrl, dbUsr, dbPass);
st = conn.createStatement();
rs = st.executeQuery(sql);
while(rs.next()){
String value = rs.getString("password");
text1 =value;
}
System.out.println(text1);
}catch(Exception e){
e.printStackTrace();
}finally{
try {
rs.close();
} catch (SQLException e) {
e.printStackTrace();
}
try {
st.close();
} catch (SQLException e) {
e.printStackTrace();
}
try {
conn.close();
} catch (SQLException e) {
e.printStackTrace();
}
}
}
保存密碼時,您應該將其加密保存,當您驗證密碼時,您應該驗證比較密碼的加密版本,如
String verifyLogin = " SELECT count(1) FROM user_account WHERE username = '" + usernameTextField.getText() + "' AND password =MD5('" + enterPasswordField.getText() +"')";
String insertFields3 = " UPDATE user_account SET password = MD5('" + enterPasswordField.getText() + "') WHERE username = '" + usernameTextField.getText() +"'";
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.