0

Possible Duplicate:
md5 password with phpMailer

Hello everybody and thanks in advance for reading this. I have stored in my database in md5 format the password of an email account. Then when i send a notification email to the webmaster through phpMailer using the following code i get an stmp connection failed error. The same code without md5 encryption works perfectly.

  $mail = new PHPMailer(); 
  $mail->IsSMTP(); // send via SMTP
  $mail->SMTPAuth = true; // turn on SMTP authentication
  $mail->Username = $USR_EMAIL; // SMTP username
  $mail->Password = md5($MAIL_PWD); // SMTP password
  .
  .
  .

Anyone has any idea why wont send emails with an md5 password? Should i change something to class.phpMailer? Thank you for reading this

4

2 回答 2

2

It would appear that you're double-hashing the password. As you say, it's stored in the database in md5 format, and then you md5 it again, so you're in effect doing:

$passwd = 'hello';
$mail->Password = md5(md5($passwd));

Maybe

$mail->Password = $MAIL_PWD;

will work.

However, note that you mostly CAN'T send the md5 hash to the mail server and have it work. The server will then do its own hashing/crypting of the pasword text you send, and the md5 of a password is very much different from the actual password. You need to send over the REAL raw text of the password, not a hashed version.

于 2012-06-19T22:42:34.557 回答
1

您说数据库中的密码以MD5格式存储。如果我再看看你现在做的流程是:

数据库(MD5 中的密码)-> PHP 代码(密码转换为 MD5)(访问 SMTP)

在你这样做的地方:转换为 MD5 你实际上是这样做的:md5(md5("password"))。如果我在终端中这样做,我会得到:

localhost:~ user$ md5 -s password
MD5 ("password") = 5f4dcc3b5aa765d61d8327deb882cf99
localhost:~ user$ md5 -s 696d29e0940a4957748fe3fc9efd22a3
MD5 ("5f4dcc3b5aa765d61d8327deb882cf99") = 696d29e0940a4957748fe3fc9efd22a3

如果这不是您的情况,那么如果它已经转换为 MD5,则可以尝试查看 PHPMailer 源中的密码方法。也许它也在 Class/Object 中设置以选择使用哪种散列方法?

于 2012-06-19T22:45:38.143 回答