当前位置: 首页 » php

Validating form password against MySQL database

I'm relatively new to PHP and I'm trying to setup a login system. The part which is causing me trouble is trying to check if the password received from a form matches the corresponding email on a MySQL database (bearing in mind the email address was also submitted on the form). At the moment I am unsure what to do but this is the source code I pulled together... <html> <body&g

2018-06-07 02:41:15

根据MySQL数据库验证表单密码

我对PHP比较陌生,我正在尝试设置一个登录系统。 造成我麻烦的部分是试图检查从表单收到的密码是否与MySQL数据库上的相应电子邮件匹配(同时记住电子邮件地址也是在表单上提交的)。 目前我不确定要做什么,但这是我一起拉的源代码...... <html> <body> <?php $servername = "localhost"; $username = "***"; $password = "***"; $dbname = "pearsem_mystore"; // Create Connection $conn = new mysqli($serv

2018-06-07 02:41:15

Check if the value exist in another table and then insert

I'm working on a form in php that inserts data to MySQL, but before the data is inserted there is a field that must be checked in another table before inserting. If this value exist in the other table, then the data is inserted in the main table, if not, then data is not inserted. Here is my code to insert the data: $host="localhost"; $username="root"; $password="";

2018-06-07 02:40:13

检查值是否存在于另一个表中,然后插入

我正在研究一种将数据插入到MySQL的表单,但在插入数据之前,有一个字段在插入之前必须在另一个表中检查。 如果此值存在于另一个表中,则数据将插入主表中,如果不存在,则不插入数据。 这里是我的代码插入数据: $host="localhost"; $username="root"; $password=""; $db_name="forms"; $tbl_name="table1"; mysql_connect("$host", "$username", "$password")or die("cannot connect");

2018-06-07 02:40:13

PHP Sessions: Explanation please?

I have been learning PHP for a little bit now, and it has been going really easy for the most part. The only thing I'm hung up on is getting sessions to work. Google has been unforgiving in this endeavor. It could be one of two reasons; syntax or my software. I'm currently building a local website using EasyPHP 5.3.5.0 on a machine that isn't connected to the internet. Connecti

2018-06-07 02:39:11

PHP会话:解释请吗?

我现在一直在学习PHP,大部分时间它一直很容易。 我唯一挂的就是让会议开始工作。 谷歌在这一努力中一直没有宽容。 这可能是两个原因之一; 语法或我的软件。 我目前正在使用EasyPHP 5.3.5.0在未连接到互联网的机器上构建本地网站。 将它连接到互联网不是一种选择。 我目前所了解的会话是与它相关的许多语法已被废弃,取而代之的是超全球性的$_SESSION数组,这更容易使用。 start_session(); 必须在与会话相关的任何语

2018-06-07 02:39:11

how to access MySql database of web hosting site

I have created my own web site in PHP. I have member login function also. For login function i have to create a table of member info in the database of web hosting company(my hosting is provided by GoDaddy.com) and then access mySql database. >> how can I create the table in my hosting server?? my current code is-- <?php $host="localhost"; // Host name **??what will be my host??*

2018-06-07 02:38:09

如何访问虚拟主机网站的MySql数据库

我用PHP创建了自己的网站。 我也有会员登录功能。 对于登录功能,我必须在Web托管公司的数据库(我的托管由GoDaddy.com提供)中创建成员信息表,然后访问mySql数据库。 >>我如何在我的托管服务器中创建表? 我现在的代码是 - <?php $host="localhost"; // Host name **??what will be my host??** $username=""; // Mysql username $password=""; // Mysql password $db_name="test"; // Database name

2018-06-07 02:38:09

Cookies PHP

我如何“内置”这个脚本的自动登录? if (isset($_POST['login'])) { $query = mysql_query(" SELECT * FROM users WHERE user_name = '".mysql_real_escape_string($_POST['username'])."' AND user_password = '".mysql_real_escape_string($_POST['password'])."' "); /* wrong login information? terminate the script */ if (!mysql_num_rows($query)){ header("Location: ./"); exit(); } /*

2018-06-07 02:37:08

Cookies PHP

我如何“内置”这个脚本的自动登录? if (isset($_POST['login'])) { $query = mysql_query(" SELECT * FROM users WHERE user_name = '".mysql_real_escape_string($_POST['username'])."' AND user_password = '".mysql_real_escape_string($_POST['password'])."' "); /* wrong login information? terminate the script */ if (!mysql_num_rows($query)){ header("Location: ./"); exit(); } /*

2018-06-07 02:37:07

Best way to encode passwords in PHP

I currently use, base64_encode() to encode a user's password, this works well because it allows me to simply use base64decode() to decode the password to a word and send to there email if they lose there password. I have been reading up on password though and a lot of people seem to say that you should use sha1() to encode a password. I am all for improving my system's security but i

2018-06-07 02:36:06

在PHP中编码密码的最佳方法

我目前使用, base64_encode()来编码用户的密码,这很好,因为它可以让我简单地使用base64decode()来解码一个单词的密码,并在他们丢失密码时发送给那里的电子邮件。 尽管我一直在阅读密码,但很多人似乎都认为应该使用sha1()来编码密码。 我都是为了提高我的系统的安全性,但如果我转换为使用shal(),那么我将无法发送用户那里丢失的密码。 你用什么? 你能给我一些建议吗? 有没有办法解码到一个可读的密码发

2018-06-07 02:36:05

Password hashing and salts in PHP

I'm working on a site which is (try to be) super secure. I read a lot about password hashing and using salts, but not everything is clear to me. I would like to use sha-256 hash algorithm with salt. I know about salts that all of them should be unique per-user per-password. I'm wondering what if I use the password as salt too? Hash the password with sha256 and then hash it with an o

2018-06-07 02:34:02

密码哈希和PHP中的盐

我在一个网站上工作,这是一个超级安全的网站。 我读了很多关于密码哈希和使用盐的信息,但并不是所有的东西都很清楚。 我想用盐sha-256哈希算法。 我了解盐,他们应该每个用户每个密码都是唯一的。 我想知道如果我也使用密码作为盐吗? 使用sha256哈希密码,然后使用其他算法对其进行哈希处理,然后将其用作盐。 这样我就不必将salt存储在数据库中。 这可能吗? 或者我应该生成一个随机字符串? 不,这仍然是单向算

2018-06-07 02:34:01

Salt and passwords

Possible Duplicate: Secure hash and salt for PHP passwords For my passwords should I use salt like this (the salt will be unique to each user and not stored directly with the password)... $salt = sha1(md5("coders gonna code")); $password = md5($salt.$password); or would it be okay if I just used: $password = md5($password); because if I used salt, even if the user makes up a bad password

2018-06-07 02:33:00

盐和密码

可能重复: 为PHP密码提供安全散列和盐分 对于我的密码,我应该使用这样的盐(盐对每个用户都是唯一的,而不是直接用密码保存)... $salt = sha1(md5("coders gonna code")); $password = md5($salt.$password); 或者如果我只是使用它会好吗? $password = md5($password); 因为如果我使用的盐,即使用户进行了错误的密码,例如密码都不会有问题,因为盐(在这种情况下)将145ac26ff093c6e1317f7d5fb4c9fd11c77be975所以

2018-06-07 02:32:59

password salt storing

I want to update my password setup that is currently using just MD5. Now what I would like to do is use something stronger (maybe sha256) with unique salt per user. The question is about the salt storage. Do I go with storing the salt in its own column in the database? Then hash salt + password and when it comes to login, call the salt and password from the database, to make one. Or do

2018-06-07 02:31:58

密码盐存储

我想更新我目前仅使用MD5的密码设置。 现在我想要做的是用更强大的(也许sha256)和每个用户独特的盐。 问题是关于盐储存。 我是否将salt存储在数据库的自己的列中? 然后输入salt + password,当登录时,从数据库中调用盐和密码来创建一个。 或者我可以通过使用用户名,电子邮件和时间戳来制作盐,这也会给我每个用户一个独特的盐? 我想知道,如果有人拿着盐作为列的数据库,他们会知道每个用户的盐,然后他们可以

2018-06-07 02:31:57

encrypt password in android(client side) and decrypt in server side PHP with rsa

I have encrypt my password in android(client side) with rsa. As we know its using public key to encrypt and private key to decrypt. i generate public key and private key like code below KeyPairGenerator gen = KeyPairGenerator.getInstance(RSA); gen.initialize(1024, new SecureRandom()); KeyPair keyPair = gen.generateKeyPair(); uk = keyPair.getPublic(); rk = keyPair.getPrivate

2018-06-07 01:59:58

在android(客户端)加密密码并在服务器端用rsa解密PHP

我使用rsa在Android(客户端)加密密码。 我们知道它使用公钥加密和私钥解密。 我生成如下代码的公钥和私钥 KeyPairGenerator gen = KeyPairGenerator.getInstance(RSA); gen.initialize(1024, new SecureRandom()); KeyPair keyPair = gen.generateKeyPair(); uk = keyPair.getPublic(); rk = keyPair.getPrivate(); 即时通讯加密和解密这个在Android的这个关键。 但在服务器端,处理解密的人需要我的

2018-06-07 01:59:58