php哈希函数检查数据库 [英] php hash function checking database
问题描述
将新用户插入数据库时,我想对密码进行哈希处理.这就是我所拥有的.
When inserting a new user into a database i want to hash the password. this is what i have got.
static function getLastId(){
global $database;
$sql = 'SELECT ID from users ORDER BY id DESC LIMIT 1' ;
$result = $database->query($sql);
return $result;
}
static function create_user($username,$password ){
global $database;
$lastID = self::getLastId() + 1;
$ePassword = $database->escape_value($password);
$hash = hash('sha256', $lastID . $ePassword);
$sql = "INSERT INTO ". self::$table_name . " (username, password, first_name, last_name, power ) VALUES ";
$sql .= "('{$database->escape_value($username)}', '{$hash}', 'asd' , 'asd', 'user') ";
$query = $database->query($sql);
return ($query)? true : false;
}
当我执行 $lastID 的打印或 var 转储时,我得到 13.但是查看数据库时,我只有 1 个用户我,ID 为 1.我什至截断了表,但我仍然得到 13.不是肯定为什么.
when i do a print or var dump of $lastID I get 13. however looking a the database i only have 1 user me, with an ID of 1. I even truncated the table, but i am still getting 13. not sure why.
基本上这个想法是我想将 $lastID 附加到密码,这样就更难逆转了.我需要知道下一个 ID 是什么,以便登录.
basically the idea is that i want to append $lastID to the password, so that it is much harder to reverse. I need to know what the next ID is going to be, for login purposes.
推荐答案
$result = $database->query($sql);
return $result;
您返回的是结果资源而不是实际数据(我认为是这样,除非您的 $database 模块自动执行此操作),您可能想要:
You're returning the result resource instead of actual data (i assume so, unless your $database module automatically does this), you might want to:
$result = $database->query($sql);
$data = mysql_fetch_array($result);
return $data['ID'];
这篇关于php哈希函数检查数据库的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!