所以我在我的网络应用程序上有一个帐户,当我尝试更改密码时,它会将我重定向到错误页面,我不知道为什么。我想将密码更改为其中一个帐户。
dc7f3da29862d3d5b3d3cd32356659ea7e85ed032b9c5144f5
密码存储为这个(密码只是password所以我不介意这里)
{
$result = $this->User->editUser($id,$username, $email, $name, $surname, $phone, $hash);
if ($result == true)
{
$this->set('has_message',true);
$this->set('css_name','success');
$this->set('errors',"<p>User successfully updated.</p>");
$profile = $this->User->getUserbyid($id);
$this->set('profile',$profile);
$this->User->closeConnection();
}
else
{
$this->User->closeConnection();
$this->set('has_message',true);
$this->set('css_name','error');
$this->set('errors',"<p>Something went wrong please try again.</p>");
}
}
这是用于编辑用户帐户的代码,我是 PHP 新手,所以请告诉我您是否需要更多代码……我一直在尝试修复此错误……如果可能的话,我会更改PHPMyAdmin 中的密码,因为我不介意用户是否无法更改密码。
哈希方法:
$salt = $this->create_salt_password($username);
$hash = $salt . $password;
for ( $i = 0; $i < 100000; $i ++ )
{
$hash = hash('sha256', $hash);
}
$hash = $salt . $hash;
在 config.php 中添加盐
define('AUTH_SALT','wcRwGxDzULe?s3J%R^W@9)r}xfXpESul5hC,z^ze.oz*1E|ys,Bk,:Q/z_I&M9..');
和
public function create_salt_password($username)
{
/** Creates a hash value for the password using
a prefixed random unique identifier value with a static characters and the username
*/
$salt = hash('sha256', uniqid(mt_rand(), true) .AUTH_SALT .strtolower($username));
return $salt;
}
登录脚本:
$salt = substr($results->password, 0, 64);
$password = $salt . $password;
for ( $i = 0; $i < 100000; $i ++ )
{
$password = hash('sha256', $password);
}