我正在使用PHP版本5.4我已经四处寻找了散列机制,但我无法让它工作。棘手的部分是用另一个用户尝试验证哈希密码,我在这里做错了什么?为什么不是这个哈希匹配发生?
//and yes I am using password as name in this example
$password_entered ="cucumberball";
$password_hash = crypt($password_entered);
mysql_set_charset('utf8');
pdoConnect();
//insert hashed pass (same name and pass(hashed) for user)
$stmt = $pdo->prepare("insert into user (name,password) values (:name,:password)");
$stmt->bindParam(':name', $password_entered);
$stmt->bindParam(':password', $password_hash);
$stmt->execute();
//retriving password from db and checking if its correct with the login password provided
$stmt = $pdo->prepare("select password from user where name = :name LIMIT 1;");
$stmt->bindParam(':name', $password_entered);
$stmt->execute();
$user = $stmt->fetch(PDO::FETCH_OBJ);
if(crypt($password_entered, $password_hash) == $user->password) {
// password is correct
echo "WORKS";
}else{
echo "did not work";
}
注意:你正在保存数据库未加密的密码作为名称... – fusion3k
我保存输入的密码作为名称。只为例 – Christopher
[此示例](http://php.net/manual/en/function.crypt.php#114060)作品:从它开始(或使用它) – fusion3k