0

出于某种原因,它显示了加密的密码,我认为我不正确地使用了 explode() ..有人能指出我正确的方向吗?

<?php
    $teamname   = $_POST['teamname'];
    $teamname   = strtolower($teamname);

    $u_username = $_POST['username'];
    $u_username = strtolower($u_username);
    $key = $_POST['password'];

    // encrypt
    $iv = md5(md5($key));
    $output = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($key), $string, MCRYPT_MODE_CBC, $iv);
    $output = base64_encode($output);

    $file = readfile("teams/$teamname/config.txt","r"); // try to figure out why it's not working
    list($username, $password) = explode(":", $file);

    if ($u_username === $username) 
    {
        if ($password === $u_password) 
        {
            echo "Successfull";
        } 
        else 
        {
            echo "Incorrect Password";
        }
    } 
    else 
    {
        echo "Incorrect Username..";
    }
?>

Config.txt ivan:bKaeoqHLoPI058d6GJ9IlA4fA/mcoRJ70ZNI3gAczU4=

4

1 回答 1

2

这是因为您将密码存储为,$output但您正在引用$u_password

if ($password === $u_password) {
    echo "Successfull";
} else {
    echo "Incorrect Password";
}

应该

if ($password === $output) {
    echo "Successfull";
} else {
    echo "Incorrect Password";
}

或者

$output = base64_encode($output);

应该

$u_password = base64_encode($output);

测试

if ($u_username == $username)
{
    if ($password == $u_password)
    {
        echo "Successfull";
    } else {
        echo "Incorrect Password [" . $u_password . '] != [' . $password . ']';
    }
} else {
    echo "Incorrect Username.. [" . $u_username . '] != [' . $username . ']';
}
于 2013-08-05T16:19:20.787 回答