自定义PHP函数以验证Joomla中的正确密码 [英] Custom PHP function to verify correct password in Joomla

问题描述

我在Joomla之外创建了一个脚本，该脚本可以成功生成Joomla密码:

I created a script outside of Joomla that can successfully generate a Joomla password:

// I copied the JUserHelper class from Joomla here
$salt = JUserHelper::genRandomPassword(32);
$crypt = JUserHelper::getCryptedPassword($password, $salt);
$psw = $crypt.':'.$salt;

我的问题是，如何将上面生成的这个新的crypt:salt与Joomla数据库中现有用户的密码进行比较，并知道上面脚本中提供的密码是否为该用户的正确密码?数据库?

My question is, how can I compare this new crypt:salt I generate above to a password of an existing user in the Joomla database, and know if the password supplied to the script above is the correct password for that user in the database?

推荐答案

一种方法是直接查询Joomla数据库，以获取用户的密码(加盐和哈希值)，然后进行比较.我认为以下查询应对此有效，基于我从一些Google搜索中看到的内容.我已经在Wordpress中完成了此操作，所以我假设Joomla会与此类似.

One way would be to query the Joomla database directly to get a user's (salted and hashed) password, then compare. I think the below query should work for that, based on what I have seen from a few google searches. I have done this in Wordpress, so I'm assuming Joomla would be similar.

select 'password' from `jos_users` WHERE `username` = "Bob";

这篇关于自定义PHP函数以验证Joomla中的正确密码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！