我目前正在进行验证过程以检查用户的旧密码,但问题是我无法理解为什么我的查询返回零行,而预期它有 1 行。还有一件事是,即使我没有将密码文本转换为 md5,散列密码仍然得到正确答案,我不知道为什么会发生这种情况。到目前为止,这是我的代码:
public function validate_oldpassword($username,$password)
{
$this->db->select('user_salt');
$query = $this->db->get_where('login',array('username' => $username));
if ($query->num_rows() == 1)
{
foreach ($query->result() as $row)
{
$password2 = hash("sha256",$password.$row->user_salt);
$this->db->flush_cache();
$query = $this->db->get_where('login', array('username' => $username, 'password' => $password2));
//return $this->db->last_query();
return $query->num_rows();
if($query->num_rows()==1){
return "YEHEY";
}else{
return "NO";
}
}
}
}
我还检查了查询,它返回正确的查询,即:
SELECT * FROM (`login`) WHERE `username` = 'kahel' AND `password` = 'f91d20d381426ea56e57da9ab23d0c568b8f934c3ff313e1bbf6c28a4fee758a'
我的密码是test盐XgvT7F~(CYr#*0E1^UI@xkqJ5GcAO8BHsotZpf+WQ!4&ja2y%NdelLmhPSnRw9)zDK63VMuib,存储的密码是f91d20d381426ea56e57da9ab23d0c568b8f934c3ff313e1bbf6c28a4fee758a
最困扰我的是,在我的登录页面功能中,一切正常。这是我的登录代码功能:
public function get_login_credentials($username,$password)
{
$this->db->select('user_salt');
$query = $this->db->get_where('login',array('username' => $username));
if ($query->num_rows() == 1)
{
foreach ($query->result() as $row)
{
$password = hash("sha256",md5($password).$row->user_salt);
$query = $this->db->get_where('login', array('username' => $username, 'password' => $password));
return $query->num_rows();
}
}
}
我真的不明白为什么它返回零行。