PHP重置密码
我对如何加密要在数据库中输入的新密码感到困惑。当我输入密码时,它将加密并检查数据库是否正确,并验证新密码,将其更改为纯文本。
if (count($_POST) > 0) {
$result = mysqli_query($conn, "SELECT *from users WHERE id='" . $_SESSION["id"] . "'");
$row = mysqli_fetch_array($result);
if (MD5(mysqli_real_escape_string($_POST["currentPassword"] == $row["password"]))) {
mysqli_query($conn, "UPDATE users set password='" . $_POST["newPassword"] . "' WHERE id='" . $_SESSION["id"] . "'");
$message = "Password Changed";
} else
$message = "Current Password is not correct";
}
红颜莎娜浏览 159回答 3
3回答
-
慕雪6442864
// password encryption for security.$salt = mcrypt_create_iv(22, MCRYPT_DEV_URANDOM);$salt = base64_encode($salt);$salt = str_replace('+', '.', $salt);$hash = crypt($pass, '$2y$10$'.$salt.'$');//echo ("".$hash."<br />\n");$pass 是密码输入中的密码保存$hash到数据库使用从数据库中获得的密码来验证密码 $hashif(password_verify($pass, $hash)) { echo 'Password is valid!';} else { echo 'Invalid password.';}更新并尝试该过程 -
12345678_0001
//password encryption$user_password = "1234";$hash_pass = password_encryption($user_password, PASSWORD_BCRYPT, array('cost'=>10);//"$user_password"-password obtained from the user input//"$hash_pass" -encrypted password stored in a database//verify the user password with that obtained from the databaseif(password_verify($user_password, $hash_pass)){ echo "password is valid";}else{ echo "password is not valid";}试试这个。
随时随地看视频慕课网APP
PHP