在其他php文件中使用mcrypt_decrypt时不起作用
我正在创建一个登录名,注册用户可以使用Emailid和密码登录 我有一个表单,其中用户注册的信息是用户名、EmailID、密码等 然后,在mysql数据库中插入数据时,我正在加密密码 代码是:在其他php文件中使用mcrypt_decrypt时不起作用,php,mysql,encryption,lampp,Php,Mysql,Encryption,Lampp,我正在创建一个登录名,注册用户可以使用Emailid和密码登录 我有一个表单,其中用户注册的信息是用户名、EmailID、密码等 然后,在mysql数据库中插入数据时,我正在加密密码 代码是: <?php define("ENCRYPTION_KEY", "!@#$%^&*"); $finalarray=array(); $finalarray['UserName']= $_POST["fname"]; $finalarray['Emai
<?php
define("ENCRYPTION_KEY", "!@#$%^&*");
$finalarray=array();
$finalarray['UserName']= $_POST["fname"];
$finalarray['EmailID']= $_POST['email'];
$password = $_POST['pwd'];
$encrypted = encryptIt( $input );
$finalarray['Password']= $encrypted;
function encryptIt( $q )
{
$cryptKey = 'qJB0rGtIn5UB1xG03efyCp';
$qEncoded = base64_encode( mcrypt_encrypt( MCRYPT_RIJNDAEL_256, md5( $cryptKey ), $q, MCRYPT_MODE_CBC, md5( md5( $cryptKey ) ) ) );
return( $qEncoded );
}
/* code for insert into database */
?>
<?php
include 'ConnectionDatabase.php'; /database connnection
define("ENCRYPTION_KEY", "!@#$%^&*");
ob_start();
session_start();
$username = $_POST['email'];
$password = $_POST['password'];
$connection= connection(); //connected
$username = mysql_real_escape_string($username);
$query = "SELECT EmailID,Password
FROM User
WHERE EmailID = ".'$username';
$result = mysql_query($query);
if(mysql_num_rows($result) == 0) // User not found. So, redirect to login_form again.
{
echo "Not Valid User";
header('Location: login.html');
}
$row=mysql_fetch_array($result);
$encryptpassword=$row[1];
echo $encryptpassword."<br>";
$decrypted = decryptIt($encryptpassword);
echo $decrypted; //no value is coming
if($password != $decrypted ) // Incorrect password. So, redirect to login_form again.
{
header('Location: login_fb.php');
}else{ // Redirect to home page after successful login.
echo "login";
session_regenerate_id();
$_SESSION['sess_user_id'] = $userData['id'];
$_SESSION['sess_username'] = $userData['username'];
session_write_close();
//header('Location: creatememorial.php');
}
function decryptIt( $q ) {
$cryptKey = 'qJB0rGtIn5UB1xG03efyCp';
$qDecoded = rtrim( mcrypt_decrypt( MCRYPT_RIJNDAEL_256, md5( $cryptKey ), base64_decode( $q ), MCRYPT_MODE_CBC, md5( md5( $cryptKey ) ) ), "\0");
return( $qDecoded );
}
?>
当用户登录时,会交叉检查数据库中的电子邮件id和密码
为此,我编写了解密函数来匹配密码,如果emailid与密码匹配,则用户将登录
代码是:
<?php
define("ENCRYPTION_KEY", "!@#$%^&*");
$finalarray=array();
$finalarray['UserName']= $_POST["fname"];
$finalarray['EmailID']= $_POST['email'];
$password = $_POST['pwd'];
$encrypted = encryptIt( $input );
$finalarray['Password']= $encrypted;
function encryptIt( $q )
{
$cryptKey = 'qJB0rGtIn5UB1xG03efyCp';
$qEncoded = base64_encode( mcrypt_encrypt( MCRYPT_RIJNDAEL_256, md5( $cryptKey ), $q, MCRYPT_MODE_CBC, md5( md5( $cryptKey ) ) ) );
return( $qEncoded );
}
/* code for insert into database */
?>
<?php
include 'ConnectionDatabase.php'; /database connnection
define("ENCRYPTION_KEY", "!@#$%^&*");
ob_start();
session_start();
$username = $_POST['email'];
$password = $_POST['password'];
$connection= connection(); //connected
$username = mysql_real_escape_string($username);
$query = "SELECT EmailID,Password
FROM User
WHERE EmailID = ".'$username';
$result = mysql_query($query);
if(mysql_num_rows($result) == 0) // User not found. So, redirect to login_form again.
{
echo "Not Valid User";
header('Location: login.html');
}
$row=mysql_fetch_array($result);
$encryptpassword=$row[1];
echo $encryptpassword."<br>";
$decrypted = decryptIt($encryptpassword);
echo $decrypted; //no value is coming
if($password != $decrypted ) // Incorrect password. So, redirect to login_form again.
{
header('Location: login_fb.php');
}else{ // Redirect to home page after successful login.
echo "login";
session_regenerate_id();
$_SESSION['sess_user_id'] = $userData['id'];
$_SESSION['sess_username'] = $userData['username'];
session_write_close();
//header('Location: creatememorial.php');
}
function decryptIt( $q ) {
$cryptKey = 'qJB0rGtIn5UB1xG03efyCp';
$qDecoded = rtrim( mcrypt_decrypt( MCRYPT_RIJNDAEL_256, md5( $cryptKey ), base64_decode( $q ), MCRYPT_MODE_CBC, md5( md5( $cryptKey ) ) ), "\0");
return( $qDecoded );
}
?>
echo$已解密;没有任何想法
当我在一个程序中执行此操作时,我引用了link
当我使用这两个php文件时,它不工作
我不知道是什么问题
有人能帮我吗 你在这方面走了很长的路 只需加密用户密码,并在数据库查询中使用加密密码 例如:
$username = $_POST['email'];
$password = $_POST['password'];
$connection = connection();
$username = mysql_real_escape_string($username);
$password = encryptIt(mysql_real_escape_string($_POST['password']));
$query = "SELECT EmailID,Password
FROM User
WHERE EmailID = '".$username."' AND Password = '".$password."';
如果它返回一行,则有一个用户具有该电子邮件和该密码
作为旁注;不再推荐使用mysql_*函数-您应该切换到mysqli_*库,或者更好地使用准备好的语句
另外-您使用MD5生成哈希,您无法解密哈希-这是一种单向转换。谢谢您的回复。但当我在数据库中插入密码加密FCYGGLQLFHK6J7W7XUMGWGPOJWIZLAUFI2YT5/Q68xM=并且在登录时,相同的密码是ZPR2EL6EOTXA91J9W+C/XG32j4bvk0lZ5AmcFS9vR4=我不明白问题出在哪里,请帮我解决。是的,因此,如果您加密用户在登录时输入的密码-如果密码正确,它将与数据库中的字符串匹配。密码相同。但它赋予了不同的价值。有什么问题