Yii 从 Sha 512 加密登录
Yii login from Sha 512 encrypt
我在用户注册时对密码进行了如下加密:
public function actionCreate()
{
$model=new Users;
// Uncomment the following line if AJAX validation is needed
// $this->performAjaxValidation($model);
if(isset($_POST['Users']))
{
$model->attributes=$_POST['Users'];
// how many times the string will be hashed
$rounds = 10000;
// @todo Use real salt here.
$salt = 'salt';
// pass in the password, the number of rounds, and the salt
// $ specifies SHA256-CRYPT, use $ if you really want SHA512
$model->PassWord=crypt($model->PassWord, sprintf('$rounds=%d$%s$', $rounds, $salt));
if($model->save())
$this->redirect(array('view','id'=>$model->users_id));
}
$this->render('create',array(
'model'=>$model,
));
}
现在我知道我需要更改以验证用户身份的代码是这样的:
else if($user->PassWord!==$this->password)
如果我使用 crypt
方法,我通常会使用这个:
else if($user->PassWord!==crypt($this->password,'salt'))
如何更改登录脚本以使用 sha512
?
您应该使用与 create
:
的密码散列中相同的参数
$rounds = 10000;
$salt = 'salt';
if($user->PassWord !== crypt($this->password, sprintf('$rounds=%d$%s$', $rounds, $salt)))
我在用户注册时对密码进行了如下加密:
public function actionCreate()
{
$model=new Users;
// Uncomment the following line if AJAX validation is needed
// $this->performAjaxValidation($model);
if(isset($_POST['Users']))
{
$model->attributes=$_POST['Users'];
// how many times the string will be hashed
$rounds = 10000;
// @todo Use real salt here.
$salt = 'salt';
// pass in the password, the number of rounds, and the salt
// $ specifies SHA256-CRYPT, use $ if you really want SHA512
$model->PassWord=crypt($model->PassWord, sprintf('$rounds=%d$%s$', $rounds, $salt));
if($model->save())
$this->redirect(array('view','id'=>$model->users_id));
}
$this->render('create',array(
'model'=>$model,
));
}
现在我知道我需要更改以验证用户身份的代码是这样的:
else if($user->PassWord!==$this->password)
如果我使用 crypt
方法,我通常会使用这个:
else if($user->PassWord!==crypt($this->password,'salt'))
如何更改登录脚本以使用 sha512
?
您应该使用与 create
:
$rounds = 10000;
$salt = 'salt';
if($user->PassWord !== crypt($this->password, sprintf('$rounds=%d$%s$', $rounds, $salt)))