0 
insert into test(username,pwd) values('Jim',ENCODE('123456','Jim'));
select username from test where username='Jim' and pwd=ENCODE('123456','Jim')

insert into test(username,pwd) values('Ryan',SHA('123456'))
select username from test where username='Ryan' and pwd=SHA('123456')

insert into test(username,pwd) values('Jack',MD5('123456'))
select username from test where username='Jack' and pwd=MD5('123456')

Why I can't get a right result by using SHA and MD5? Passwords are both 123456, but with different encryption methods I cannot get a right result.

The first can output "Jim" correctly. But the second and the third one cannot output "Ryan" or "Jack", the result set is null. Why? I want know how to validate a user by encrypted password.

4

3 回答 3

1

Could it be that you are doing something wrong ? Works fine for me.

SQL Fiddle link with the queries.

My hunch is that you are storing truncated versions of the hash.

于 2013-03-30T16:16:12.180 回答
1

You need to change your field types as your 20-character VARCHAR field is truncating the hashes:

MD5 produces a 32-character string so use CHAR(32).

SHA produces a 64-character string so use CHAR(64).

You should always use CHAR over VARCHAR when you know the length of input, for performance reasons (SQL knows how much to allocate).

于 2013-04-22T08:48:40.260 回答
0

Note Exploits for the MD5 and SHA-1 algorithms have become known. You may wish to consider using one of the other encryption functions described in this section instead, such as SHA2().

http://dev.mysql.com/doc/refman/5.5/en/encryption-functions.html

于 2014-11-13T09:55:58.423 回答