Fatal编程技术网
  • php/
  • Php 为什么我不能从sha512的哈希密码中得到相同的结果?

Php 为什么我不能从sha512的哈希密码中得到相同的结果?

php hash

Php 为什么我不能从sha512的哈希密码中得到相同的结果?,php,hash,sha512,Php,Hash,Sha512,我是一个编程新手,去年四月刚开始,今天我面临一个问题,因为在我的登录文件中我调用了 $hashedPassword=$securityHelper->hashPassword$\u POST['password'],$userfined->getSalt 散列我的密码并与数据库中的散列密码进行比较。 但我总是得到不同的结果,就像这里: Password: Michelle123 Hached BD Password: 9705f99f231cef89289a57db52e202e4f9b2211

我是一个编程新手,去年四月刚开始,今天我面临一个问题,因为在我的登录文件中我调用了

$hashedPassword=$securityHelper->hashPassword$\u POST['password'],$userfined->getSalt

散列我的密码并与数据库中的散列密码进行比较。 但我总是得到不同的结果,就像这里:

Password: Michelle123
Hached BD Password: 9705f99f231cef89289a57db52e202e4f9b221144c500734d3beb0d2eaf2371e3f2c203f914c1616383eee58548e3964d6402cb779041cc07bb2683b7110f3e5
Hached Password: 2085f93e3c4a241cc3f17327c1bf01f87330c9bdf03f8ec6fd6a04d6a62454ea6961aef395b08b5eac0d5c63ed49c1fcd2328b455d402bd623fb2f75908c8ee8
Salt: h7b867Xxk9WE2CugPT6TKJ6nHkvRhH1BMgC3B69fG5xfv47nZB
我在网上查过了,但什么也没找到

=>在我的登录文件中

$securityHelper = new SecurityHelper();

$userManager = new UserManager();

$userFinded = $userManager->findUserByEmail($email);

// Hache le mot de passe
$hashedPassword = $securityHelper->hashPassword($_POST['password'], $userFinded->getSalt());

if ($userFinded) {
    echo 'Password: '.$_POST['password'];
    echo '</br>';
    echo 'Hached BD Password: '.$userFinded->getPassword();
    echo '</br>';
    echo 'Hached Password: '.$hashedPassword;
    echo '</br>';
    echo 'Salt: '.$userFinded->getSalt();
    echo '</br>';
}
一个朋友终于帮我找到了代码中的错误,它在我的UserManager.php中, 当我存储一个新用户时,我犯了一个错误,我颠倒了:token和:salt

更改这部分后,我的代码运行良好,我非常高兴,感谢您的帮助

Password:           Azerty123
Hached DB Password: 0efbadc9d0c32ca1c4c0421d212cc38cad2d2bfa8815faf18595470c50dbcce92283e3ff40170ada6cd2354345b8a48d26c32cd7c763ff79ed4b2ebb10c0e02d
Hached Password:    0efbadc9d0c32ca1c4c0421d212cc38cad2d2bfa8815faf18595470c50dbcce92283e3ff40170ada6cd2354345b8a48d26c32cd7c763ff79ed4b2ebb10c0e02d
Salt:               YTXnJeo5NL8klA5PaQ1Hd7ShmuWs6UyuO4gWftBwKaIFpKQNNl
您还可以共享您的UserManager类吗?可能问题是,您的$userSalt对于该用户并不总是相同的—DB中有一个更改?。或者,另一种可能是,您存储的哈希密码的计算过程与验证密码的过程不同。生成并存储在数据库中的$userSalt始终是相同的。此外,存储的函数使用相同的函数hashPassword$plainPassword$userSalt计算 
class UserManager extends EntityManager {

    public function save(User $user) {

        //requête d'insertion, avec paramètre nommés
        $sql = "INSERT INTO vi_users
                (email, password, nom, prenom, salt, token, dateCreated, dateModified)
                VALUES
                (:email, :password, :nom, :prenom, :token, :salt, :dateCreated, :dateModified)";

        // Envoit la requête à MySQL
        $stmt = $this->dbh->prepare($sql);

        // Assigne des valeurs à chaque paramètre nommé
        $stmt->bindValue(":email", $user->getEmail());
        $stmt->bindValue(":password", $user->getPassword());
        $stmt->bindValue(":nom", $user->getNom());
        $stmt->bindValue(":prenom", $user->getPrenom());
        $stmt->bindValue(":salt", $user->getSalt());
        $stmt->bindValue(":token", $user->getToken());
        $stmt->bindValue(":dateCreated", $user->getDateCreated()->format("Y-m-d H:i:s"));
        $stmt->bindValue(":dateModified", $user->getDateModified()->format("Y-m-d H:i:s"));

        //finalement, exécute la requête
        $stmt->execute();
    }

    // Compte le nombre total d'utilisateur dans la bdd et retourne ce nombre
    public function countUsers() {
        include_once ("models/User.php");

        $sql = "SELECT COUNT(*) FROM vi_users";
        $stmt = $this->dbh->prepare($sql);
        $stmt->execute();
        $usersNumber = $stmt->fetchColumn();

        return $usersNumber;
    }

    // Récupère (et retourne) tous les utilisateurs
    function findAllUsers() {
        include_once ("models/User.php");

        $sql = "SELECT * FROM vi_users ORDER BY user ASC";
        $stmt = $this->dbh->prepare($sql);
        $stmt->execute();

        $users = $stmt->fetchAll(PDO::FETCH_CLASS, "User");

        return $users;
    }


    public function findUserById($id) {
        include_once ("models/User.php");

        $sql = "SELECT * FROM vi_users 
                WHERE id_user = :id";
        $stmt = $this->dbh->prepare($sql);
        $stmt->bindValue(":id", $id);
        $stmt->execute();

        $user = $stmt->fetchObject("User");
        return $user;
    }

    public function findUserByEmail($email) {
        include_once ("models/User.php");

        $sql = "SELECT * FROM vi_users 
                WHERE email = :email";
        $stmt = $this->dbh->prepare($sql);
        $stmt->bindValue(":email", $email);
        $stmt->execute();

        $user = $stmt->fetchObject("User");
        return $user;
    }
}

$sql = "INSERT INTO vi_users
        (email, password, nom, prenom, salt, token, dateCreated, dateModified)
        VALUES
        (:email, :password, :nom, :prenom, :token, :salt, :dateCreated, :dateModified)";

Password:           Azerty123
Hached DB Password: 0efbadc9d0c32ca1c4c0421d212cc38cad2d2bfa8815faf18595470c50dbcce92283e3ff40170ada6cd2354345b8a48d26c32cd7c763ff79ed4b2ebb10c0e02d
Hached Password:    0efbadc9d0c32ca1c4c0421d212cc38cad2d2bfa8815faf18595470c50dbcce92283e3ff40170ada6cd2354345b8a48d26c32cd7c763ff79ed4b2ebb10c0e02d
Salt:               YTXnJeo5NL8klA5PaQ1Hd7ShmuWs6UyuO4gWftBwKaIFpKQNNl