Php 使用Zend Framework保存密码
我创建了一个带有密码字段的表单,用于在网站上注册Php 使用Zend Framework保存密码,php,mysql,zend-framework,passwords,Php,Mysql,Zend Framework,Passwords,我创建了一个带有密码字段的表单,用于在网站上注册 new Zend_Form_Element_Password('password', array( 'required' => true, 'label' => $this->getView()->translate('createprofile_password'), 'filters' => array('StringTrim'), 'validators' => array
new Zend_Form_Element_Password('password', array(
'required' => true,
'label' => $this->getView()->translate('createprofile_password'),
'filters' => array('StringTrim'),
'validators' => array(
new Zend_Validate_StringLength(array('min' => 6, 'max' => 20, 'encoding' => 'utf-8')),
),
'class' => "validate['required','length[6,20]']",
)),
如何将其保存到数据库中?
我试过这样的方法,但不起作用。密码未加密
$profile = new Profile();
$entry = $profile->createEntry(array(
'firstname' => $requestPost['firstname'],
'lastname' => $requestPost['lastname'],
'email' => $requestPost['email'],
'password' => $requestPost['password'],
'published' => 1,
));
$profileId = $entry->save();
这是一个简单的例子:
$profile = new Profile();
$entry = $profile->createEntry(array(
'firstname' => $requestPost['firstname'],
'lastname' => $requestPost['lastname'],
'email' => $requestPost['email'],
//hash password using sha1 and a salt (returns 40 character string) .
//Save the salt reference somewhere so you can rebuilt the string to compare hashes for authentication.
//a salt is arbitrary data prepended or appended to the data being hashed
'password' => sha1($salt . $requestPost['password']),
'published' => 1,
));
$profileId = $entry->save();
要稍后对密码进行身份验证,请重新生成并散列字符串:
//both hashes should match exactly
if (sha1($salt . $inputPassword) === $password)//$password form data store
散列通常用于密码,因为它更容易使用资源,而且除了密码制作者之外,没有人能够知道它。没有合理的方法可以撤销腌制的杂烩。您只知道输入的哈希密码+salt是否与保存的哈希密码+salt相同。要对其进行加密,您需要。。。加密它。如果你真的想在(即将推出的?)实时系统/网站上实现这一点,我绝对建议你加密密码。如果这只是为了了解它可以等待,而不知道配置文件是如何将信息存储到数据库中的,那么这个问题就无法回答。请向我们展示Prifile::createEntry和Profile::save的实现