简单的问题。 我给服务器>客户端网络进行了maded,这个商店密码介绍了一个mysql数据库,服务器使用它来进行身份验证。
我想加盐。
if(Login_IsInChannelService(szLogin))
{
sys_log(0, "ChannelServiceLogin [%s]", szLogin);
DBManager::instance().ReturnQuery(
QID_AUTH_LOGIN,
dwKey,
p,
"SELECT '%s',password,social_id,id,status,availDt - NOW() > 0,"
"UNIX_TIMESTAMP(silver_expire),"
"UNIX_TIMESTAMP(gold_expire),"
"UNIX_TIMESTAMP(safebox_expire),"
"UNIX_TIMESTAMP(autoloot_expire),"
"UNIX_TIMESTAMP(fish_mind_expire),"
"UNIX_TIMESTAMP(marriage_fast_expire),"
"UNIX_TIMESTAMP(money_drop_rate_expire),"
"UNIX_TIMESTAMP(create_time) "
"FROM account WHERE login='%s'",
szPasswd,
szLogin
);
}
else
{
DBManager::instance().ReturnQuery(
QID_AUTH_LOGIN,
dwKey,
p,
"SELECT id,SHA2('%s',224),password,social_id,status,availDt - NOW() > 0,"
"UNIX_TIMESTAMP(silver_expire),"
"UNIX_TIMESTAMP(gold_expire),"
"UNIX_TIMESTAMP(safebox_expire),"
"UNIX_TIMESTAMP(autoloot_expire),"
"UNIX_TIMESTAMP(fish_mind_expire),"
"UNIX_TIMESTAMP(marriage_fast_expire),"
"UNIX_TIMESTAMP(money_drop_rate_expire),"
"UNIX_TIMESTAMP(create_time) "
"FROM account WHERE login='%s'",
szPasswd,
szLogin
);
}
实际上我使用sha2进行散列但仍然很容易找到散列。 有些想法我应该如何为hash添加salt? 这是负责sha2 hash
的行"SELECT id,SHA2('%s',224),password,social_id,status,availDt - NOW() > 0,"
如果您需要aditional信息告诉我。