Php 为什么我不能从sha512的哈希密码中得到相同的结果?
我是一个编程新手,去年四月刚开始,今天我面临一个问题,因为在我的登录文件中我调用了 $hashedPassword=$securityHelper->hashPassword$\u POST['password'],$userfined->getSalt 散列我的密码并与数据库中的散列密码进行比较。 但我总是得到不同的结果,就像这里:Php 为什么我不能从sha512的哈希密码中得到相同的结果?,php,hash,sha512,Php,Hash,Sha512,我是一个编程新手,去年四月刚开始,今天我面临一个问题,因为在我的登录文件中我调用了 $hashedPassword=$securityHelper->hashPassword$\u POST['password'],$userfined->getSalt 散列我的密码并与数据库中的散列密码进行比较。 但我总是得到不同的结果,就像这里: Password: Michelle123 Hached BD Password: 9705f99f231cef89289a57db52e202e4f9b2211
Password: Michelle123
Hached BD Password: 9705f99f231cef89289a57db52e202e4f9b221144c500734d3beb0d2eaf2371e3f2c203f914c1616383eee58548e3964d6402cb779041cc07bb2683b7110f3e5
Hached Password: 2085f93e3c4a241cc3f17327c1bf01f87330c9bdf03f8ec6fd6a04d6a62454ea6961aef395b08b5eac0d5c63ed49c1fcd2328b455d402bd623fb2f75908c8ee8
Salt: h7b867Xxk9WE2CugPT6TKJ6nHkvRhH1BMgC3B69fG5xfv47nZB
我在网上查过了,但什么也没找到
=>在我的登录文件中
$securityHelper = new SecurityHelper();
$userManager = new UserManager();
$userFinded = $userManager->findUserByEmail($email);
// Hache le mot de passe
$hashedPassword = $securityHelper->hashPassword($_POST['password'], $userFinded->getSalt());
if ($userFinded) {
echo 'Password: '.$_POST['password'];
echo '</br>';
echo 'Hached BD Password: '.$userFinded->getPassword();
echo '</br>';
echo 'Hached Password: '.$hashedPassword;
echo '</br>';
echo 'Salt: '.$userFinded->getSalt();
echo '</br>';
}
一个朋友终于帮我找到了代码中的错误,它在我的UserManager.php中, 当我存储一个新用户时,我犯了一个错误,我颠倒了:token和:salt 更改这部分后,我的代码运行良好,我非常高兴,感谢您的帮助
Password: Azerty123
Hached DB Password: 0efbadc9d0c32ca1c4c0421d212cc38cad2d2bfa8815faf18595470c50dbcce92283e3ff40170ada6cd2354345b8a48d26c32cd7c763ff79ed4b2ebb10c0e02d
Hached Password: 0efbadc9d0c32ca1c4c0421d212cc38cad2d2bfa8815faf18595470c50dbcce92283e3ff40170ada6cd2354345b8a48d26c32cd7c763ff79ed4b2ebb10c0e02d
Salt: YTXnJeo5NL8klA5PaQ1Hd7ShmuWs6UyuO4gWftBwKaIFpKQNNl
您还可以共享您的UserManager类吗?可能问题是,您的$userSalt对于该用户并不总是相同的—DB中有一个更改?。或者,另一种可能是,您存储的哈希密码的计算过程与验证密码的过程不同。生成并存储在数据库中的$userSalt始终是相同的。此外,存储的函数使用相同的函数hashPassword$plainPassword$userSalt计算
class UserManager extends EntityManager {
public function save(User $user) {
//requête d'insertion, avec paramètre nommés
$sql = "INSERT INTO vi_users
(email, password, nom, prenom, salt, token, dateCreated, dateModified)
VALUES
(:email, :password, :nom, :prenom, :token, :salt, :dateCreated, :dateModified)";
// Envoit la requête à MySQL
$stmt = $this->dbh->prepare($sql);
// Assigne des valeurs à chaque paramètre nommé
$stmt->bindValue(":email", $user->getEmail());
$stmt->bindValue(":password", $user->getPassword());
$stmt->bindValue(":nom", $user->getNom());
$stmt->bindValue(":prenom", $user->getPrenom());
$stmt->bindValue(":salt", $user->getSalt());
$stmt->bindValue(":token", $user->getToken());
$stmt->bindValue(":dateCreated", $user->getDateCreated()->format("Y-m-d H:i:s"));
$stmt->bindValue(":dateModified", $user->getDateModified()->format("Y-m-d H:i:s"));
//finalement, exécute la requête
$stmt->execute();
}
// Compte le nombre total d'utilisateur dans la bdd et retourne ce nombre
public function countUsers() {
include_once ("models/User.php");
$sql = "SELECT COUNT(*) FROM vi_users";
$stmt = $this->dbh->prepare($sql);
$stmt->execute();
$usersNumber = $stmt->fetchColumn();
return $usersNumber;
}
// Récupère (et retourne) tous les utilisateurs
function findAllUsers() {
include_once ("models/User.php");
$sql = "SELECT * FROM vi_users ORDER BY user ASC";
$stmt = $this->dbh->prepare($sql);
$stmt->execute();
$users = $stmt->fetchAll(PDO::FETCH_CLASS, "User");
return $users;
}
public function findUserById($id) {
include_once ("models/User.php");
$sql = "SELECT * FROM vi_users
WHERE id_user = :id";
$stmt = $this->dbh->prepare($sql);
$stmt->bindValue(":id", $id);
$stmt->execute();
$user = $stmt->fetchObject("User");
return $user;
}
public function findUserByEmail($email) {
include_once ("models/User.php");
$sql = "SELECT * FROM vi_users
WHERE email = :email";
$stmt = $this->dbh->prepare($sql);
$stmt->bindValue(":email", $email);
$stmt->execute();
$user = $stmt->fetchObject("User");
return $user;
}
}
$sql = "INSERT INTO vi_users
(email, password, nom, prenom, salt, token, dateCreated, dateModified)
VALUES
(:email, :password, :nom, :prenom, :token, :salt, :dateCreated, :dateModified)";
Password: Azerty123
Hached DB Password: 0efbadc9d0c32ca1c4c0421d212cc38cad2d2bfa8815faf18595470c50dbcce92283e3ff40170ada6cd2354345b8a48d26c32cd7c763ff79ed4b2ebb10c0e02d
Hached Password: 0efbadc9d0c32ca1c4c0421d212cc38cad2d2bfa8815faf18595470c50dbcce92283e3ff40170ada6cd2354345b8a48d26c32cd7c763ff79ed4b2ebb10c0e02d
Salt: YTXnJeo5NL8klA5PaQ1Hd7ShmuWs6UyuO4gWftBwKaIFpKQNNl