我是什么意思。在我下面的回答中,我只是避免说“不要使用MD5,它不是无冲突的”,因为它只用于生成盐。 require("constants.php"); $DBH = new mysqli($dbhost, $dbuser, $dbpass, $dbnam
我是什么意思。在我下面的回答中,我只是避免说“不要使用MD5,它不是无冲突的”,因为它只用于生成盐。我是什么意思。在我下面的回答中,我只是避免说“不要使用MD5,它不是无冲突的”,因为它只用于生成盐。 require("constants.php"); $DBH = new mysqli($dbhost, $dbuser, $dbpass, $dbnam,php,security,login,Php,Security,Login,我是什么意思。在我下面的回答中,我只是避免说“不要使用MD5,它不是无冲突的”,因为它只用于生成盐。 require("constants.php"); $DBH = new mysqli($dbhost, $dbuser, $dbpass, $dbname); function createSalt() { $length = mt_rand(64, 128); $salt = ''; for ($i = 0; $i < $length; $i++) {
require("constants.php");
$DBH = new mysqli($dbhost, $dbuser, $dbpass, $dbname);
function createSalt() {
$length = mt_rand(64, 128);
$salt = '';
for ($i = 0; $i < $length; $i++) {
$salt .= chr(mt_rand(33, 255));
}
return $salt;
}
//Salt function created by ircmaxell
function registerNewUser() {
//Check to see if Username Is In Use//
$q = $DBH->prepare("SELECT id FROM users WHERE username = ?");
$username = filter_var($username, FILTER_SANITIZE_STRING);
$data = array($username);
$q->execute($data);
$row = $q->fetch();
if ($row === false) {
//If Username Is Not Already In Use Insert Data//
$hash = hash('sha256', $pass);
$salt = createSalt();
$hash = hash('sha256', $salt . $hash . $pass); //UPDATED
$data = array($username, $hash, $salt);
$qInsert = $DBH->prepare(
"INSERT INTO users (username, password, salt) values (?, ?, ?)"
);
$qInsert->execute($data); //Inserts User Data Into Table//
}
}
$hash = hash('sha256', $pass);
$salt = substr(hash('sha256', mt_rand(0, 1337)), mt_rand(0, 31), 32);
$hash = $salt . hash('sha256', $salt . $hash . $pass);
$hash = hash('sha256', $pass);
$salt = createSalt();
$hash = hash('sha256', $salt . $hash . $pass);
$hash = hash('sha256', 'foo'); // "test" for example
$hash = hash('sha256', 'bar'); // "test" since it's a collision
$newHash = hash('sha256', $salt . $hash); //The same for both foo and bar!
function createSalt() {
$length = mt_rand(64, 128);
$salt = '';
for ($i = 0; $i < $length; $i++) {
$salt .= chr(mt_rand(33, 255));
}
return $salt;
}