我想为我的网站创建有点身份验证系统,但是我遇到了MD5功能问题 - 它无法正常工作,请看下面的代码段:
$valid_request = 0;
$login = "";
$passwordMD5 = "";
$hardwareidMD5 = "";
$hash1 = "";
$hash2 = "";
// a - username
// b - hardwareid md5 hash
// c - password md5 hash
// d - hash of (a+b+c)
// e - hash of (a+b+c+d)
if(isset($_GET['a']) && isset($_GET['b']) && isset($_GET['c'])
&& isset($_GET['d']) && isset($_GET['e']) )
{
$login = $_GET['a'];
if(strlen($login) <= 32 && strlen($login) >= 1 && isValid($login,1) === 1)
{
$passwordMD5 = $_GET['b'];
if(strlen($passwordMD5) === 32 && isValid($passwordMD5,2) === 1)
{
$hardwareidMD5 = $_GET['c'];
if(strlen($hardwareidMD5) === 32 && isValid($hardwareidMD5,2) === 1)
{
$valid_request = 1;
$hash1 = MD5($login+$passwordMD5+$hardwareidMD5);
$hash2 = MD5($login+$passwordMD5+$hardwareidMD5+$hash1);
echo "HASH1: $hash1\n"."HASH2: $hash2\n";
}else $valid_request = 0;
}else $valid_request = 0;
}else $valid_request = 0;
}else
$valid_request = 0;
问题在于:
$hash1 = MD5($login+$passwordMD5+$hardwareidMD5);
$hash2 = MD5($login+$passwordMD5+$hardwareidMD5+$hash1);
echo "HASH1: $hash1\n"."HASH2: $hash2\n";
它总是打印两次相同的md5,页面源代码如下:
HASH1: cfcd208495d565ef66e7dff9f98764da
HASH2: cfcd208495d565ef66e7dff9f98764da
答案 0 :(得分:3)
问题是你试图将md5函数的参数与+而不是.连接起来。
但是如果你允许我,我建议你不要再使用md5作为密码了。请改用sha256。这里是解释的链接: Reasons why SHA512 is superior to MD5