Mysql DES_使用CodeIgniter ActiveRecord加密
使用以下查询查询数据库时:Mysql DES_使用CodeIgniter ActiveRecord加密,mysql,codeigniter,activerecord,Mysql,Codeigniter,Activerecord,使用以下查询查询数据库时: SELECT username, DES_DECRYPT(password) as password FROM accounts WHERE 1; $this->db->select("username, DES_DECRYPT(password) as password"); return $this->db->get("accounts")->result_array(); $this->db->select("use
SELECT username, DES_DECRYPT(password) as password FROM accounts WHERE 1;
$this->db->select("username, DES_DECRYPT(password) as password");
return $this->db->get("accounts")->result_array();
$this->db->select("username, DES_DECRYPT(password) as password");
$this->db->select("username, " . decrypt(password) . " as password");
我将得到如下结果:
username | password
-------------------
testUser | pwtest
当我在CodeIgniters活动记录中执行相同操作时,如下所示:
SELECT username, DES_DECRYPT(password) as password FROM accounts WHERE 1;
$this->db->select("username, DES_DECRYPT(password) as password");
return $this->db->get("accounts")->result_array();
$this->db->select("username, DES_DECRYPT(password) as password");
$this->db->select("username, " . decrypt(password) . " as password");
我将获得以下数组:
[0] => Array
(
[username] => testUser
[password] =>
)
你知道为什么这不起作用,或者如何让它起作用吗
一些附加信息:该功能还将完全包含插入:
$this->db->insert("accounts", array("username" => "test", "password" => "DES_ENCRYPT(wachtwoord)"));
这将插入(纯文本)“DES_ENCRYPT(wachtwoord)”
另外,为了防止标准的“使用散列比保存密码更好”讨论:我同意,但在这种情况下,散列不是一个选项。codeigniter不是100%完成的,很可能它没有使用所有mysql函数。而不是这样写:
SELECT username, DES_DECRYPT(password) as password FROM accounts WHERE 1;
$this->db->select("username, DES_DECRYPT(password) as password");
return $this->db->get("accounts")->result_array();
$this->db->select("username, DES_DECRYPT(password) as password");
$this->db->select("username, " . decrypt(password) . " as password");
这样写:
SELECT username, DES_DECRYPT(password) as password FROM accounts WHERE 1;
$this->db->select("username, DES_DECRYPT(password) as password");
return $this->db->get("accounts")->result_array();
$this->db->select("username, DES_DECRYPT(password) as password");
$this->db->select("username, " . decrypt(password) . " as password");
其中decrypt是DES_decrypt的php等价物。php等价物是Mcrypt更多信息,请参见:
也要避免以可以解密的方式加密密码。除了用户之外,没有人应该知道他们的密码。谢谢你的回答。在某些情况下,应用程序必须知道凭据(例如,为了能够连接到其他服务)。