PHP salt and hash SHA256 for login password

后端未结

关注

 6  2303

南方客 2020-12-23 17:19

I\'ve made encrypting of the password in my register script and they are stored in the database, and I have to use them to login, so I would want to use the unencrypted ones

6条回答

感动是毒 (楼主)

2020-12-23 18:08

These examples are from php.net. Thanks to you, I also just learned about the new php hashing functions.

Read the php documentation to find out about the possibilities and best practices: http://www.php.net/manual/en/function.password-hash.php

Save a password hash:

$options = [
    'cost' => 11,
];
// Get the password from post
$passwordFromPost = $_POST['password'];

$hash = password_hash($passwordFromPost, PASSWORD_BCRYPT, $options);

// Now insert it (with login or whatever) into your database, use mysqli or pdo!

Get the password hash:

// Get the password from the database and compare it to a variable (for example post)
$passwordFromPost = $_POST['password'];
$hashedPasswordFromDB = ...;

if (password_verify($passwordFromPost, $hashedPasswordFromDB)) {
    echo 'Password is valid!';
} else {
    echo 'Invalid password.';
}

0 讨论(0)

查看其它6个回答