使用PHP在oracle中使用散列dehash和密码验证的功能 [英] What function to use for hashing dehash in and password verification in oracle using PHP

问题描述

嗨..

我正在寻找使用oracle数据库作为后端的php项目。

我想加密用户提供的密码，同时将其存储到数据库中。

在查看天气用户提供的密码和系统存储密码是一样的时候我们可以用一个函数来做那个在oracle。

我知道这两个都有哈希函数和de hash函数和mysql中的password_verify函数来执行上面提到的任务。

但是我很担心关于oracle db是否在oracle中有任何功能可以完成这项工作并且还与php兼容？



我尝试了什么：



我在oracle中尝试了上述所有功能，但它无法正常工作。

请帮助。

Hi..
I am woeking on a project in php that uses oracle database as back end.
I want to encrypt the user provided password while storing it into database.
And while checking weather user provided password and system stored password is same we can use a function to do that in oracle.
I know that for both this there is hash function and de hash function with password_verify function in mysql for doing the above mentioned tasks.
But I am worried about oracle db is there any function in oracle that does this job and is also compatible with php?

What I have tried:

I have tried all above mentioned function in oracle but its not working.
Pls help.

推荐答案

Quote：

有散列函数和散列函数

不，没有。这是散列的重点，而不是加密：没有办法反转散列值并获得原始输入。



这就是你使用它的原因：加密密码不安全，因为当用户登录时，软件必须知道解密密钥。散列密码 - 使用salt值 - 创建一个非唯一（但来自非常大的相空间）值，然后直接与存储的哈希值进行比较。如果它们匹配，则密码正确并且您允许用户进入。如果他们不这样做，则表示不正确，他们可以吹口哨。但没有人（即使你或任何访问你的软件和/或数据库的人都有源代码）可以找出原始密码是什么。

No, there isn't. That's the whole point of hashing as opposed to encryption: there is no way to "reverse" a hashed value and obtain the original input.

And that's why you use it: encrypted passwords are not secure, because the decryption key must be known to the software when the user logs in. Hashing a password - with a salt value - creates a non-unique (but from a very large phase space) value which you then compare directly to the stored hash value. If they match, the password is correct and you let the user in. If they don't, it isn't correct and they can go whistle. But no-one (even you or anyone who accesses your software and / or database complete with source code) can find out what the original password was.

你为什么要转发这个问题？我已经在说明了你需要做些什么。在使用PHP时在oracle中使用密码加密 [ ^ ]。

Why have you reposted this question? I already explaine what you need to do at What funation to use for password encryption in oracle while working with PHP[^].

这篇关于使用PHP在oracle中使用散列dehash和密码验证的功能的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！