1

我有一个网站,我正在从 web2py 转换为 PHP,我正在使用网站数据库,所以在 PHP 网站中,我有一个正在使用的登录表单,在发布电子邮件和密码后,我检查了数据库,但我可以' t 获得与表 auth_user 中的数据库密码字段相同的加密?我怎样才能进行与 web2py 剂量相同的加密?

我的 PHP 代码是这样的,但我使用的是 MD5:

<?php
// IF The Login Form Was Filled and Submited
if(isset($_POST['email']) && isset($_POST['password'])){


// Fetch The Username And Password
$username = $_POST['email'];
$password = $_POST['password'];

// Use Md5 Hashed Password For Security  
$password_hash = md5($password);

// Check IF The Username and Password was Not Empty . 
if (!empty($username) && !empty($password)) {

  // Selecting The ID for the user with the Posted Credintials .
  $query = "SELECT id FROM auth_user WHERE email='$username' AND password='$password_hash' ";

  // Run The Query
  $query_run = mysql_query($query);

        // Check if the Query Works and return records . 
        if ($query_run){

          // Check if the Query Returns any rows
          $query_num_rows = mysql_num_rows($query_run);

          // If the query Dosent return any rows that means that the user credintials is wrong or the user is not registerd
          if ($query_num_rows == 0) {

            echo "<div class='alert alert-error' style='width:300px;margin:0 auto'><button type='button' class='close' data-dismiss='alert'>&times;</button><h4>Warning!</h4>Invalid username / password combination</div><br>";

          // If the Query Return a row that means that everyhting is right. 
          } else if ($query_num_rows == 1) {


            // Fetch the user id from the query
            $user_id = mysql_result($query_run, 0 ,'id');

            // Store the user id in the Session
            // Note : The Session is Started in the page Core.inc.php which is included to the index page and has session.start();
            $_SESSION['user_id'] = $user_id;

            // Redirect To index Page , we user here the http_referer 
            //which is coming from the core.inc.php that return the url of the page we came from
            header('Location: ' . '../index.php');


          } else {

            echo "Who The Hell Are you !!";
          }

        // If the Query Didnt Run Retrun mysql Error.
        } else{echo mysql_error();}

// IF The Login Form Was Not Filled . 
} else {


  echo "<div class='alert alert-error' style='width:300px;margin:0 auto'><button type='button' class='close' data-dismiss='alert'>&times;</button><h4>Warning!</h4>Sorry , You must Supply a username and  a password . </div><br>";

}

}

// Print Out Any Other Errors
if(mysql_error()){
echo "Database Error : " . Mysql_error();
}

?>
4

0 回答 0