Php 加密-解密,数据库
我创建了两个用于加密和解密的函数,如下所示Php 加密-解密,数据库,php,sql,phpmyadmin,Php,Sql,Phpmyadmin,我创建了两个用于加密和解密的函数,如下所示 function encryption($x) { $key = 'SuperSecretKey'; $encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $x, MCRYPT_MODE_ECB); return $encrypted; } function decryption($y) { $key = 'SuperSecretKey'; $decryp
function encryption($x) {
$key = 'SuperSecretKey';
$encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $x, MCRYPT_MODE_ECB);
return $encrypted;
}
function decryption($y) {
$key = 'SuperSecretKey';
$decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $y, MCRYPT_MODE_ECB);
return $decrypted;
}
$dpass = "select Password from persons where Email='" . $_POST['name'] . "'";
$rpass = mysql_query($dpass);
$line = mysql_fetch_array($rpass);
$lpass = $line['Password'];
echo $lpass;
我在数据库中插入了加密密码,它工作正常,当我从数据库中检索密码时,我会得到如下加密密码
function encryption($x) {
$key = 'SuperSecretKey';
$encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $x, MCRYPT_MODE_ECB);
return $encrypted;
}
function decryption($y) {
$key = 'SuperSecretKey';
$decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $y, MCRYPT_MODE_ECB);
return $decrypted;
}
$dpass = "select Password from persons where Email='" . $_POST['name'] . "'";
$rpass = mysql_query($dpass);
$line = mysql_fetch_array($rpass);
$lpass = $line['Password'];
echo $lpass;
但问题是当你使用解密函数时
$d_pass = decryption($lpass);
echo $d_pass;
它不给我相同的文本,我用的密码?你能告诉我问题出在哪里吗?试试这个
function encryption($x) {
$key = 'SuperSecretKey';
$encrypted = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($key), $x, MCRYPT_MODE_CBC, md5(md5($key))));
return $encrypted;
}
function decryption($y) {
$key = 'SuperSecretKey';
$decrypted = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5($key), base64_decode($y), MCRYPT_MODE_CBC, md5(md5($key))), "\0");
return $decrypted;
}
不要存储加密的密码。散列并存储在数据库中。除此之外,WTF在2013年使用的是
mysql\u query
:P检查一下,我在这里看到SQL注入。。。。永远不要相信用户的输入