我成功地为我创建的新帐户删除了密码,但是,当我使用以前的非散列密码登录时,我无法登录。但是当我使用散列密码时我可以登录。那么如何更新以前要进行哈希处理的密码呢?
这是更新php文件。
<?php
session_start();
$con=@mysql_connect("localhost","root","");
$dbcheck = mysql_select_db("buybranded");
if (!$dbcheck) {
echo mysql_error();
}
$userid = $_GET['user_id'];
$hashed = hash('sha512', $password); // where should i use this? or what should i do with it?
$sql = "UPDATE `users` SET
first_name = '$_POST[first_name]',
middle_name = '$_POST[middle_name]',
last_name = '$_POST[last_name]',
gender = '$_POST[gender]',
email = '$_POST[email]',
password = '$_POST[password]',
birth_date = '$_POST[birth_date]',
company = '$_POST[company]',
company_address = '$_POST[company_address]',
home_address = '$_POST[home_address]',
postal_code = '$_POST[postal_code]',
city = '$_POST[city]',
province = '$_POST[province]',
home_phone = '$_POST[home_phone]',
mobile_phone = '$_POST[mobile_phone]' WHERE id=$userid";
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error($con));
}
header('refresh: 0;url=userdb.php');
$message = "User Successfully Updated";
echo("<script type='text/javascript'>alert('$message');</script>");
?>
答案 0 :(得分:1)
$hashed = hash('sha512', $_POST['password']);
然后在你的查询中使用$ hashed:
$sql = "...
password = '$hashed',
...";