php哈希函数检查数据库 [英] php hash function checking database

问题描述

将新用户插入数据库时​​，我想对密码进行哈希处理.这就是我所拥有的.

When inserting a new user into a database i want to hash the password. this is what i have got.

    static function getLastId(){
        global $database; 
        $sql = 'SELECT ID from users ORDER BY id DESC LIMIT 1' ;
        $result = $database->query($sql);           
        return $result; 
    }


static function create_user($username,$password ){
    global $database;
    $lastID =  self::getLastId() + 1;       
    $ePassword = $database->escape_value($password);
    $hash = hash('sha256', $lastID . $ePassword);
    $sql = "INSERT INTO ". self::$table_name . " (username, password, first_name, last_name, power ) VALUES ";
    $sql .= "('{$database->escape_value($username)}', '{$hash}', 'asd' , 'asd', 'user') ";
    $query = $database->query($sql);
    return ($query)? true : false; 
}

当我执行 $lastID 的打印或 var 转储时，我得到 13.但是查看数据库时，我只有 1 个用户我，ID 为 1.我什至截断了表，但我仍然得到 13.不是肯定为什么.

when i do a print or var dump of $lastID I get 13. however looking a the database i only have 1 user me, with an ID of 1. I even truncated the table, but i am still getting 13. not sure why.

基本上这个想法是我想将 $lastID 附加到密码，这样就更难逆转了.我需要知道下一个 ID 是什么，以便登录.

basically the idea is that i want to append $lastID to the password, so that it is much harder to reverse. I need to know what the next ID is going to be, for login purposes.

推荐答案

$result = $database->query($sql);           
return $result; 

您返回的是结果资源而不是实际数据(我认为是这样，除非您的 $database 模块自动执行此操作)，您可能想要:

You're returning the result resource instead of actual data (i assume so, unless your $database module automatically does this), you might want to:

$result = $database->query($sql);    
$data = mysql_fetch_array($result);
return $data['ID']; 

这篇关于php哈希函数检查数据库的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！