Fatal编程技术网
  • javascript/
  • Javascript 输入哈希值以重置密码而不是实际用户密码

Javascript 输入哈希值以重置密码而不是实际用户密码

javascript php hash

Javascript 输入哈希值以重置密码而不是实际用户密码,javascript,php,hash,mysqli,Javascript,Php,Hash,Mysqli,我有一个更新密码页面,不允许我为当前密码字段输入实际的当前密码。相反,它需要哈希密码。然而,一旦更改,新的将被散列,这是一件好事。我只需要能够输入实际密码,而不是散列 是的,我知道,没有md5;这是测试的全部 changepassword.js <script> function validatePassword() { var currentPassword,newPassword,confirmPassword,output = true; currentPassword =

我有一个更新密码页面,不允许我为当前密码字段输入实际的当前密码。相反,它需要哈希密码。然而,一旦更改,新的将被散列,这是一件好事。我只需要能够输入实际密码,而不是散列

是的,我知道,没有md5;这是测试的全部

changepassword.js

<script>
function validatePassword() {
var currentPassword,newPassword,confirmPassword,output = true;

currentPassword = document.frmChange.currentPassword;
newPassword = document.frmChange.newPassword;
confirmPassword = document.frmChange.confirmPassword;

if(!currentPassword.value) {
currentPassword.focus();
document.getElementById("currentPassword").innerHTML = "required";
output = false;
}
else if(!newPassword.value) {
newPassword.focus();
document.getElementById("newPassword").innerHTML = "required";
output = false;
}
else if(!confirmPassword.value) {
confirmPassword.focus();
document.getElementById("confirmPassword").innerHTML = "required";
output = false;
}
if(newPassword.value != confirmPassword.value) {
newPassword.value="";
confirmPassword.value="";
newPassword.focus();
document.getElementById("confirmPassword").innerHTML = "not same";
output = false;
}   
return output;
}
</script>   


函数validatePassword(){
var currentPassword、newPassword、confirmPassword、output=true;
currentPassword=document.frmChange.currentPassword;
newPassword=document.frmChange.newPassword;
confirmPassword=document.frmChange.confirmPassword;
如果(!currentPassword.value){
currentPassword.focus();
document.getElementById(“currentPassword”).innerHTML=“必需”;
输出=假;
}
else如果(!newPassword.value){
newPassword.focus();
document.getElementById(“newPassword”).innerHTML=“必需”;
输出=假;
}
否则如果(!confirmPassword.value){
confirmPassword.focus();
document.getElementById(“confirmPassword”).innerHTML=“必需”;
输出=假;
}
if(newPassword.value!=confirmPassword.value){
newPassword.value=“”;
confirmPassword.value=“”;
newPassword.focus();
document.getElementById(“confirmPassword”).innerHTML=“不一样”;
输出=假;
}   
返回输出;
}
updatepassword.php

<?php
    include 'core/login.php';    === this contains the connection, it's obviously good ===
    include 'includes/head.php';  === changepassword.js is linked in the head ===   
    if(count($_POST)>0) {
    $result = mysqli_query($link, "SELECT *from users WHERE id='" . $_SESSION["id"] . "'");
    $row = mysqli_fetch_array($result);
    if($_POST["currentPassword"] == $row["password"]) {
    mysqli_query($link, "UPDATE users set `password`='" .md5(md5($_POST['newPassword'])) . "' WHERE id='" . $_SESSION["id"] . "'");
    $message = "Password Changed";
    } else $errormessage = "Current Password is not correct";
    }
print_r($_SESSION);
?>

您的问题在于:


if($_POST["currentPassword"] == $row["password"]) {


您正在比较散列的实际文本版本(如“密码”)与该密码的散列版本(如“213y789hwuhui1dh”)。其结果是:


if("password" == "213y789hwuhui1dh") {


这显然是不准确的。要解决这个问题,您所要做的就是按照创建密码时的方式对密码进行散列。如果我正确理解了您的代码,应该是:


if(md5(md5($_POST["currentPassword"]))==$row["password"]) {


关于SQL注入的旁注


请注意,这段代码非常容易注入。用户需要做的就是用
结束“currentPassword”POST值;显示数据库
并且他们可以无限制地访问服务器的MySQL数据库。考虑学习使用MySQL编写的语句。它们很容易理解,也很容易实现。
我太过火了。你的另一个问题已经结束了。我要把这个留在这里。。。我使用的是PHP版本PHP5.2.0


    

  • 

  • 

  • 





您有一个SQL注入漏洞。我正试图修复这一部分。如果我必须修复该漏洞,那将花费我一辈子的时间,因为我知道良好的安全性需要几个不同的文件。这就是为什么我想解决这个问题。一旦完成,我就前进。哈。。。你刚刚结束了你的另一个问题。我有一些代码给你。我要把它贴在这里。

if(md5(md5($_POST["currentPassword"]))==$row["password"]) {



<?php

// so I don't actually have to test form submission, too... 
$_POST['current_password'] = 'Tacotaco'; 
$_POST['new_password']     = 'NINrocksOMG';
$_POST['confirmPassword']  = 'NINrocksOMG'; 
$_SESSION['id'] = 1;

// this is Tacotaco encrypted... update your db to test
// update users set password = '$2y$10$fc48JbA0dQ5dBB8MmXjVqumph1bRB/4zBzKIFOVic9/tqoN7Ui59e' where id=1


// the following is sooooo ugly... don't leave it this way 

if (!isset($_SESSION['id'])            or empty($_SESSION['id']) or
    !isset($_POST['current_password']) or empty($_POST['current_password']) or 
    !isset($_POST['new_password'])     or empty($_POST['new_password']) or 
    !isset($_POST['confirmPassword'])  or empty($_POST['confirmPassword']) ) {
   $message = 'Please enter your password';
}
else {
   $sid = $_SESSION['id'];

   $currpass = $_POST['current_password'];
   $newpass  = $_POST['new_password'];
   $conpass  = $_POST['confirmPassword'];

   $message  = validate_password($sid, $currpass, $newpass, $conpass);
}

print "<br/>$message<br/>";

function validate_password($sid, $currpass, $newpass, $conpass) {
   $mysqli = mysqli_connect('localhost','root','','test')
               or die('Error ' . mysqli_error($link));

   $stmt = $mysqli->prepare('select id, password from users where id = ?');
   $stmt->bind_param("s", $sid);
   $stmt->execute();
   $stmt->bind_result($userid, $userpass);

   $message = '';

   if ($stmt->fetch()) { 
      $stmt->close(); 

      if (strlen($newpass) < 8) {
         $message = 'Please enter a password with at least 8 characters';
      }
      elseif (!preg_match('`[A-Z]`', $newpass)) {
         $message = 'Please enter at least 1 capital letter';
      }
      elseif ($newpass !== $conpass) { 
         $message = 'Your passwords do not match.';
      }
      else {  
         if (password_verify($currpass, $userpass)) {  
            $hashed_new = password_hash($newpass, PASSWORD_BCRYPT);  
            $query = 'update users set password = ? where id = ?'; 
            $stmt_new = $mysqli->prepare($query); 

            $stmt_new->bind_param('ss', $hashed_new, $sid);
            if ($stmt_new->execute()) {
               $message = 'Password Changed';
            }
            else {
               $message = $mysqli->error;
            }
         }
         else $message = 'Current Password is not correct';
      }
   }
   else {
      $message = 'user not found for id $sid';
   }

   $mysqli->close(); 
   return $message;
}
?>