(显然)相同字符串的不同哈希值

时间:2014-03-31 14:36:09

标签: php mysql character-encoding sha

我为数据库检索的字符串获取不同的哈希值,并通过html表单提交相同的值。

我做错了什么?

数据库:

SET NAMES utf8;
SET foreign_key_checks = 0;
SET time_zone = '+05:30';
SET sql_mode = 'NO_AUTO_VALUE_ON_ZERO';

DROP TABLE IF EXISTS `fcb_task`;
CREATE TABLE `fcb_task` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `state` enum('unlocked','locked') CHARACTER SET latin1 NOT NULL,
  `task_specific_notes` text CHARACTER SET latin1,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=ascii;

INSERT INTO `fcb_task` (`id`, `state`, `task_specific_notes`) VALUES
(529,   'unlocked', 'INCLUDED USERS:ONE USER PER LINE:\n1001921: Sudhamayi  Gill\n1001931: Ananga  Gupta\n----------------------------------------------------------------\nDESCRIPTION:\n elit ac molestie praesent convallis etiam metus in, augue sapien praesent pulvinar imperdiet class. sed fringilla eget pellentesque ullamcorper tincidunt congue dolor aliquet nulla, rutrum varius tortor dapibus mi gravida a sociosqu, cras ut sed curabitur sodales nibh feugiat sit. ipsum felis nam neque ultricies nibh libero luctus magna, mi arcu hendrerit purus consectetur duis etiam. molestie feugiat hac per semper sapien nisi etiam mollis, est sagittis auctor aliquet curae per pellentesque. luctus dolor magna eros dapibus facilisis massa cras molestie pulvinar, consequat suscipit rhoncus quisque lorem nulla diam odio ac nulla, tristique fermentum ut tempor faucibus fringilla eleifend scelerisque. \r\n erat sodales litora laoreet cursus mattis turpis duis metus ut iaculis, ipsum habitant fusce dui morbi in elit dictumst nisi tellus iaculis, praesent auctor senectus habitant pulvinar augue etiam augue ut. ad accumsan nunc etiam platea tempor at, enim aenean ultrices eleifend litora ad donec, gravida eleifend quis fames non. ut massa feugiat elementum ipsum rhoncus eleifend elit nibh etiam, semper dictumst adipiscing pulvinar nunc torquent eleifend donec. porttitor in et mauris dui ullamcorper at et tellus at, praesent neque turpis nisl arcu elit etiam ut consectetur, platea mauris gravida ante posuere sed accumsan mauris.\r\n\r\nnostra dapibus leo facilisis, iaculis. \r\n ut congue taciti suspendisse praesent auctor mauris massa vulputate, euismod nam tempus massa donec ornare dui nisi eleifend, augue suspendisse pharetra lectus conubia potenti lorem. in ad consequat consectetur integer odio hac, ipsum lobortis fames dolor aenean urna dictumst, vitae porta rhoncus netus hendrerit. accumsan vestibulum accumsan potenti convallis ullamcorper diam molestie, aliquam amet placerat neque faucibus magna sociosqu, praesent turpis odio praesent bibendum semper. lacinia mauris tellus dolor turpis cursus cubilia condimentum, aliquet neque lacus habitasse ultricies eget, dictum inceptos tincidunt consectetur nisi egestas. imperdiet nisl congue etiam accumsan felis, aliquet ornare fringilla curae rutrum, pellentesque risus maecenas eget. ');][1]

weirdsha1.php

<?php
$conn = mysqli_connect('localhost','root','toor','problem') or die("Connection Failed");
$result = mysqli_query($conn,"SELECT `task_specific_notes` FROM `fcb_task` LIMIT 1") or die("query failed");
$task_specific_notes = null;
while($row = mysqli_fetch_assoc($result)){
    $task_specific_notes = $row['task_specific_notes'];
}

$post_SHA256 = 'Not calculated';
if($_SERVER['REQUEST_METHOD']=='POST'){
    $post_SHA256 = hash('sha256',$_POST['task_specific_notes']);
}


?>
<!DOCTYPE html>
<html>
<body>
<form method="post">
<textarea readonly="readonly" name="task_specific_notes" rows="15" cols="80"><?php echo $task_specific_notes;?></textarea>
<br>
<input type="submit">
</form>
<p>sha256 of database value: <?php echo hash('sha256',$task_specific_notes); ?></p>
<p>sha256 of string submitted :<?php if(isset($post_SHA256)) echo $post_SHA256; ?></p>
</body>
</html>

我认为涉及字符编码,但无法确定确切的问题。

enter image description here

1 个答案:

答案 0 :(得分:1)

通过

查看字符串的字节流
foo($_POST['task_specific_notes']);
foo($task_specific_notes);

function foo($s) {
    echo '<pre>';
    for($i=0;$i<strlen($s); $i++) {
        printf('%02X ', ord($s[$i]));
    }
    echo '</pre>';
}

与MySQL服务器的连接有一个编码&#34;附加&#34;它也是如此 因此,例如,如果来自浏览器的输入是utf-8编码但MySQL连接使用latin-1,则可以轻松获得不同编码的字符串。

另见: