joomla密码加密 [英] joomla password encryption
问题描述
我需要访问joomla用户表 jos_users
,以便从外部php脚本[codeignitor]进行登录检查。
I need to access the joomla user table jos_users
for login checking from external php script [codeignitor].
joomla存储这样的密码
joomla storing password like this
4e9e4bcc5752d6f939aedb42408fd3aa:0vURRbyY8Ea0tlvnTFn7xcKpjTFyn0YT
看起来这不是正常的MD5,所以我不能使用 md5(密码)
。
Looks like this is not the normal MD5 ,so i cannot use md5(password)
.
可能的创建密码的方法是什么?
what is the possible way to create the password ?
谢谢。
推荐答案
Joomla密码是MD5哈希,但密码在哈希之前被盐化。
它们以 {hash}:{salt}
的形式存储在数据库中。此盐是一个长度为32个字符的随机字符串。
Joomla passwords are MD5 hashed, but the passwords are salted before being hashed.
They are stored in the database as {hash}:{salt}
this salt is a random string 32 characters in length.
所以要创建一个新的密码哈希你会做 md5($ password。$ salt)
So to create a new password hash you would do md5($password.$salt)
EDIT
好的,为了检查密码,请说用户 myguy
输入密码 mypassword
,您将从具有用户名 myguy
的数据库中检索该行。
Okay so for checking a password, say a user myguy
enters the password mypassword
, you would retrieve the row from the database that has username myguy
.
在此行中,您将找到一个密码,说 4e9e4bcc5752d6f939aedb42408fd3aa:0vURRbyY8Ea0tlvnTFn7xcKpjTFyn0YT
。
你分割了密码哈希和盐:
In this row you'll find a password say 4e9e4bcc5752d6f939aedb42408fd3aa:0vURRbyY8Ea0tlvnTFn7xcKpjTFyn0YT
.
You split up the password hash and the salt:
$hashparts = preg_split (':' , $dbpassword);
echo $hashparts[0]; //this is the hash 4e9e4bcc5752d6f939aedb42408fd3aa
echo $hashparts[1]; //this is the salt 0vURRbyY8Ea0tlvnTFn7xcKpjTFyn0YT
现在使用此盐和密码计算哈希值 myguy
输入
now calculate the hash using this salt and the password myguy
entered
$userhash = md5($userpassword.$hashparts[1]); // This would be 'mypassword' and the salt used in the original hash
现在如果这个 $ userhash
和 $ hashparts [0]
与用户输入的密码相同。
Now if this $userhash
and $hashparts[0]
are identical the user has entered the correct password.
这篇关于joomla密码加密的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!