Joomla Salt增强密码 [英] Joomla salt enhanced password
问题描述
我怎么知道用作joomla salt增强密码加密的盐的字符串的值?
how can i know value of string which is used as salt for joomla salt enhanced password encryption??
推荐答案
Joomla为每个密码生成一个随机盐.在这里,您可以找到有关如何使用joomla方法生成密码的有价值的信息:
Joomla generates a random salt for each password. Here you can find valuable information on how to work with the joomla methods to generate passwords:
http://forum.joomla.org/viewtopic.php? f = 476& t = 308499
从那一点,您可以看到盐以密码冒号作为定界符存储在密码之后.
From that bit you can see that the salt is stored after the password with a colon as delimiter.
$salt = JUserHelper::genRandomPassword(32);
$crypt = JUserHelper::getCryptedPassword("blabla", $salt);
$password = $crypt . ':' . $salt;
我只需要用Zend_Auth编写一个Authorisiation Validator来针对Joomla(1.0)安装进行验证,我想我会在这里更新有关它的信息.我的代码片段.
I just needed to write an Authorisiation Validator with Zend_Auth to validate against a Joomla (1.0) install and I thought I'd update the information here about it. A snip of my code.
$dbAdapter = Zend_Registry::get('jdb');
$this->_authAdapter = new Zend_Auth_Adapter_DbTable($dbAdapter);
$this->_authAdapter->setTableName('jos_users')
->setIdentityColumn('username')
->setCredentialColumn('password');
//Joomla 1.0 uses hashes in the form md5(passwort + salt) + salt
$users = new Users();
$hash = $users->getHash($value);
$salt = substr($hash, strpos($hash, ':') + 1);
$password = md5($context['password'] . $salt) . ':' . $salt;
[/EDIT]
这篇关于Joomla Salt增强密码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!