如何使用 mysqli 与 SSL 连接 [英] How to use mysqli connection with SSL

查看:18
本文介绍了如何使用 mysqli 与 SSL 连接的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在尝试与我的数据库建立安全连接

I'm trying to make a secure connection with my database

我写了以下代码:

<?php

// form filled?
if (isset($_POST['submit'])) {
    $user = 'gebruiker';
    $pass = 'gebruiker';
    $db = new mysqli('localhost', $user, $pass, 'forum');
    if (mysqli_connect_errno()) {
        echo 'database doesnt work';
        file_put_contents('MySQLiErrors.txt', date('[Y-m-d H:i:s]') .          mysqli_connect_error() . "
", FILE_APPEND);
        exit();
    } else {
        $username = $_POST['username'];
        $userspassword = $_POST['password'];
        $salt = strrev($userspassword . substr(0, 4));
        $password = hash('sha512', $userspassword . $salt);
        $statement = $db->prepare("SELECT id,username FROM user WHERE username = ? AND password = ?");
        $statement->bind_param("ss", $username, $password);
        $statement->execute();
        $result = $statement->get_result();
        $statement->close();
        $count = $result->num_rows;
        if ($count > 0) {
            session_start();
            $_SESSION["username"] = $username;
            header("Location: forum.php");
        } else {
            $_SESSION['Error'] = "Invalid username or password";
        }
    }
    $db->close();
}

我还在 php.net 上阅读了一些关于 SSL 连接的内容,但我不知道如何在这种情况下实现这一点.

I also read something about SSL connections on php.net but I don't have any idea how to implement this in this case.

http://php.net/manual/en/mysqli.ssl-set.php

我的代码在 fedora 21 上运行并且运行良好,但接下来我想要的是使用 SSL 的安全连接.

My code is running on fedora 21 and it works fine but the next thing I want is a secure connection using SSL.

推荐答案

您不需要客户端证书和私钥,并且在大多数情况下,您不希望 MySQL 服务器验证客户端证书.

You do NOT need the client certificate and private key and in most cases you do NOT want MySQL server to verify the client certificate.

但是客户端必须使用 CA 证书验证服务器证书以防止 MITM.

Client however MUST verify server certificate using CA certificate to prevent MITM.

<?php
$mysqli = mysqli_init();
$mysqli->options(MYSQLI_OPT_SSL_VERIFY_SERVER_CERT, true);
$mysqli->ssl_set(NULL, NULL, "/etc/ssl/certs/ca-bundle.crt", NULL, NULL);
$mysqli->real_connect('hostname', 'user', 'password', 'database');
$mysqli->close();
?>

这篇关于如何使用 mysqli 与 SSL 连接的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
PHP最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆