use*_*925 3 mysql sql database hash mysqli
我有一个数据库字段存储这样的密码:
TeacherPassword
j.lu01
pesci02
cricket01
现在我有一个文本框,用户输入密码,如果它与其中一行匹配,则导航到下一页.下面是检查密码的代码.
$teacherpassword = (isset($_POST['teacherpassword'])) ? $_POST['teacherpassword'] : '';
if (isset($_POST['submit'])) {
// don't use $mysqli->prepare here
$query = "SELECT * FROM Teacher WHERE TeacherPassword = ? LIMIT 1";
// prepare query
$stmt=$mysqli->prepare($query);
// You only need to call bind_param once
$stmt->bind_param("s",$teacherpassword);
// execute query
$stmt->execute();
// get result and assign variables (prefix with db)
$stmt->bind_result($dbTeacherPassword);
但我所做的是我更新了密码字段,以便该字段不会将passwrod显示为字符串,而是显示为一堆字符,以便他们的密码是安全的.以下是我做的更新:
UPDATE Teacher
SET TeacherPassword = Password(TeacherPassword);
这导致密码字段现在看起来像这样:
TeacherPassword
*6FF132E0666AC8462BC
*FCF5F8CE105D0748315
*FD4FA4B60EEF1E24050
那么我的问题是,在我的MYsqli代码中,如何在文本框中输入字符串密码j.lu01以匹配数据库行中的哈希密码*6FF132E0666AC8462BC?
如果是这种情况,那么hash在数据库上搜索之前,首先需要输入密码.顺便说一句,我尝试在sqlfiddle上运行并生成不同的哈希值
Password('j.lu01') => *7A48257211A5C6BF45C30374789E9027726D829D
Password('jlu_01') => *FCF5F8CE105D0748315591596E8A4F87A2E12B1A
-- your password field is truncated that's why it can't find the match also
-- alter TeacherPassword field and change it's length to 42
你能检查你的TeacherPassword田地长度吗?