如何在从登录表单发布之前加密密码? [英] How to encrypt password before post from login form?
本文介绍了如何在从登录表单发布之前加密密码?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我在 yii
中有一个 Login 表单,它需要
用户名
和密码
。我的问题是密码是纯文本,所以它可能会导致安全问题。为此,在通过ajax提交表单之前,我有 md5
密码
I have a Login
form in yii
which required username
and password
. My problem is that password is plain text so it may cause security issue. For this i have md5
password before submitting form via ajax
<div class="form">
<?php $form=$this->beginWidget('CActiveForm', array(
'id'=>'login-form',
'enableAjaxValidation'=>true,
)); ?>
<p class="note">Fields with <span class="required">*</span> are required.</p>
<div class="row">
<?php echo $form->labelEx($model,'username'); ?>
<?php echo $form->textField($model,'username'); ?>
<?php echo $form->error($model,'username'); ?>
</div>
<div class="row">
<?php echo $form->labelEx($model,'password'); ?>
<?php echo $form->passwordField($model,'password'); ?>
<?php echo $form->error($model,'password'); ?>
<p class="hint">
Hint: You may login with <tt>demo/demo</tt>.
</p>
</div>
<div class="row rememberMe">
<?php echo $form->checkBox($model,'rememberMe'); ?>
<?php echo $form->label($model,'rememberMe'); ?>
<?php echo $form->error($model,'rememberMe'); ?>
</div>
<div class="row submit">
<?php echo CHtml::submitButton('Login',array('id'=>'submit')); ?>
</div>
<?php $this->endWidget(); ?>
</div><!-- form -->
<script>
$("#submit").click(function(){
var password = $("#LoginForm_password").val();
$.ajax({
type: 'POST',
url: '<?php echo Yii;;app()->createUrl("user/encrptpassword")?>',
data: {'password': password},
success:function(data){
$("#LoginForm_password").val(data);
}
});
</script>
public function actionEncrptpassword(){
echo md5($_POST['password']);
}
但这也不是安全,因为ajax post数据在检查时也是可见的。
But this is also not safe as ajax post data is also visible on inspecting.
请让我知道我以前如何
Please let me know how can i encrpt
my password before submit form
推荐答案
使用SSL,就是它的全部要点 http://clouldflare.com 为任何域名提供免费SSL。
Use SSL, that's the whole point of it. http://clouldflare.com gives free SSL for any domain.
这篇关于如何在从登录表单发布之前加密密码?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文