我正在进行验证过程以检查用户的旧密码,但问题是我无法理解为什么我的查询返回零行,预计它有1行。还有一件事是,即使我没有将我的密码文本转换为md5,哈希密码仍然得到正确的答案,我不知道为什么会发生。这是我目前的代码:
public function validate_oldpassword($username,$password)
{
$this->db->select('user_salt');
$query = $this->db->get_where('login',array('username' => $username));
if ($query->num_rows() == 1)
{
foreach ($query->result() as $row)
{
$password2 = hash("sha256",$password.$row->user_salt);
$this->db->flush_cache();
$query = $this->db->get_where('login', array('username' => $username, 'password' => $password2));
//return $this->db->last_query();
return $query->num_rows();
if($query->num_rows()==1){
return "YEHEY";
}else{
return "NO";
}
}
}
}
我还检查了查询,并返回正确的查询:
SELECT * FROM (`login`) WHERE `username` = 'kahel' AND `password` = 'f91d20d381426ea56e57da9ab23d0c568b8f934c3ff313e1bbf6c28a4fee758a'
我的密码为test salt为XgvT7F~(CYr#*0E1^UI@xkqJ5GcAO8BHsotZpf+WQ!4&ja2y%NdelLmhPSnRw9)zDK63VMuib,密码为f91d20d381426ea56e57da9ab23d0c568b8f934c3ff313e1bbf6c28a4fee758a
public function get_login_credentials($username,$password)
{
$this->db->select('user_salt');
$query = $this->db->get_where('login',array('username' => $username));
if ($query->num_rows() == 1)
{
foreach ($query->result() as $row)
{
$password = hash("sha256",md5($password).$row->user_salt);
$query = $this->db->get_where('login', array('username' => $username, 'password' => $password));
return $query->num_rows();
}
}
}
我无法弄明白为什么它返回零行。
答案 0 :(得分:2)
在您正在设置的登录功能中:
$password = hash("sha256",md5($password).$row->user_salt);
并在validate_oldpassword中设置:
$password2 = hash("sha256",$password.$row->user_salt);
你没有在它上面做md5哈希