使用php / mysql进行网站开发 [英] website development using php/mysql

问题描述

我正在开发一个用户需要注册的网站。注册后，他可以额外获得一些设施。



在注册时，用户只会提供他们的电子邮件ID和密码。



是否必须加密mysql中的密码。

如果我不这样做，那会发生什么？



如果是强制性的话请建议我。

解决方案

通过为什么要加密用户密码？ [ ^ ]。



这不是强制性的，但是加密密码将有助于网站免受密码破解 [ ^ ]。



和使用mySQL / PHP加密密码 [ ^ ]将帮助您在PHP / mySQL中找到不同的方法。



谢谢......

< blockquote>嗯，我的朋友，这不是强制性的，但这样做是安全的方法.......你可以搜索php参考，找出这样做的方法。我设计了一个网站，其中我只是生成用户提供的密码的md5哈希值，这样每当我收到用户在登录时输入的密码时，我只是生成它的md5哈希，然后将其与哈希进行比较已存储在数据库中。我认为它既简单又可靠，但我不能说在现实世界的应用程序中应用它，因为我只是一个我只为学习而创建的测试网站...



希望它可以帮到你。



问候

Tushar Srivastava

没有必要加密密码但注意不要将密码放在cookie或链接中，也不要向主人显示密码，只能使用密码类型。



但是最好加密以保护用户信息。

I am developing a website where the user need to register. After registration he can got some facility extra.

at the time of registration only the user will provide their email id and password.

Is it mandatory to encrypt the password in mysql.
If i am not doing so, then what can happen?

if it is mandatory then suggest me the way.

解决方案

Go through Why encrypt user passwords?[^].

It is not mandatory, but encrypted passwords will help the website to be free from Password cracking[^].

And Encrypting passwords with mySQL/PHP[^] will help you find different methods to do in PHP/mySQL.

Thanks...

Well my friend, It is not mandatory but is safe approach to do so....... You can search php reference to find out the ways to do so. I had designed a website wherein I simply generated the md5 hash of the password supplied by the user and this way whenever I received the password entered by user at the time of login, I simply generated it's md5 hash and then, compare it with the hash already stored in the database. i guess it as simple as well as reliable method but I cannot say anything about applying it in the real world application as mine was only a test website that I created only for learning...

Hope it can help you.

Regards
Tushar Srivastava

its not necessary to encrypt password but notice that not to put password in cookies or links and also not to show the password even to the owner , use password type only.

but its better to encrypt to safe the user info.

这篇关于使用php / mysql进行网站开发的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！