Yii 从 Sha 512 加密登录

Yii login from Sha 512 encrypt

我在用户注册时对密码进行了如下加密:

public function actionCreate()
{
  $model=new Users;

  // Uncomment the following line if AJAX validation is needed
  // $this->performAjaxValidation($model);

  if(isset($_POST['Users']))
  {
    $model->attributes=$_POST['Users'];
    // how many times the string will be hashed 
    $rounds = 10000; 
    // @todo Use real salt here. 
    $salt = 'salt'; 
    // pass in the password, the number of rounds, and the salt 
    // $ specifies SHA256-CRYPT, use $ if you really want SHA512 
    $model->PassWord=crypt($model->PassWord, sprintf('$rounds=%d$%s$',        $rounds, $salt));
    if($model->save())
      $this->redirect(array('view','id'=>$model->users_id));
  }

  $this->render('create',array(
    'model'=>$model,
  ));
}

现在我知道我需要更改以验证用户身份的代码是这样的:

else if($user->PassWord!==$this->password)

如果我使用 crypt 方法,我通常会使用这个:

else if($user->PassWord!==crypt($this->password,'salt'))

如何更改登录脚本以使用 sha512

您应该使用与 create:

的密码散列中相同的参数
$rounds = 10000;
$salt = 'salt';
if($user->PassWord !== crypt($this->password, sprintf('$rounds=%d$%s$', $rounds, $salt)))