在PHP中使用SHA1进行登录 [英] Using SHA1 in PHP for Login form

查看:280
本文介绍了在PHP中使用SHA1进行登录的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我想创建一个简单的注册和登录表单。
我想使用SHA1在数据库中保存加密的密码。
但是当我尝试使用密码登录,似乎它不工作。
有三个文件 - index.php,register.php,login.php

I'm trying to make a simple register and login form. I want to use SHA1 to save the encrypted password in database. But when I try to login with the password, it seems it does not work. There are three files - index.php, register.php ,login.php

请帮我解决这个问题。

// index.php

//index.php

<form action="register.php" method="post" enctype="multipart/form-data">

    <label for="email">Email:</label>
    <input type="text" name="email">
    <br />
    <label for="password">Password:</label>
    <input type="password" name="password">
    <button>Register</button>
</form>

<form action="login.php" method="post">
    <label for="email">Email:</label>
    <input type="text" name="email">
    <br />
    <label for="password">Password:</label>
    <input type="password" name="password">
    <button>Login</button>      
</form>

// register.php

//register.php

<?php

$email = $_POST['email'];
$password = $_POST['password'];
$regist_day=date('d-m-Y (H:i)');

if (!empty($email) && !empty($password)) {

require_once('lib/db_connect.php');

$dbc = mysqli_connect(DB_HOST,DB_USER,DB_PASSWORD,DB_NAME)
        or die('Error connecting database');

$sql = "INSERT INTO member(email,password,regist_day)";
$sql .= "VALUES ('$email',SHA1('$password'),'$regist_day')";
mysqli_query($dbc,$sql);

echo("
    <script>
        location.href='try.php'
    </script>

    ") ;
}

else{
echo "You need to enter Email and Password";
}
?>

// login.php

//login.php

<?php
$user_email = $_POST['email'];
$user_password = SHA1($_POST['password']);

if (!empty($user_email) && !empty($user_password)) {

require_once('lib/db_connect.php');

$dbc = mysqli_connect(DB_HOST,DB_USER,DB_PASSWORD,DB_NAME)
or die('Error connecting database');

$sql = "SELECT * FROM member WHERE email = '$user_email'";
$result = mysqli_query($dbc,$sql);
$num_match = mysqli_num_rows($result);


if (!$num_match) {
        echo "No result";
}
else{
    $sql = "SELECT * FROM member WHERE password = '$user_password' ";
    $result = mysqli_query($dbc,$sql);
    $password_match = mysqli_num_rows($result);
    if (!$password_match) {
        echo "SHA1 does not work";
        exit;
    }
    else{
        echo"success";
    }
}
}
else{
echo "You need to enter both Email and Password";
}
?>


推荐答案


SHA1将加密的密码保存在数据库中。

I want to use SHA1 to save the encrypted password in database.

请不要使用SHA1作为密码。使用 password_hash() password_verify()

您可能还需要了解如何防止PHP中的SQL注入因为您发布的代码是可以利用的。

You might also want to learn how to prevent SQL injection in PHP because the code you posted is trivially exploitable.

这篇关于在PHP中使用SHA1进行登录的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
PHP最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆