在我托管网站后密码盐不起作用
password salt is not working after I hosted the website
我创建了一个可以下载电影和电视剧的小网站。我在那里添加了一个用户注册和登录系统。我使用 xampp 最新版本(php 版本 5.6.19)查看网站。在注册 php 文件中,我添加了密码加盐技术。它在 xampp 中完美运行。在我托管我的网站后,它没有用。密码盐不会生成并存储在数据库中。但用户名、电子邮件和密码已成功进入数据库。
register.php
<?php
require_once 'core/init.php';
if(Input::exists()){
$user = new User();
$salt = Hash::salt(32);
try{
$user->create(array(
'uname' => Input::get('uname'),
'mail' => Input::get('mail'),
'pass' => Hash::make(Input::get('pass'), $salt),
'salt' => $salt
));
Session::flash('home', 'You have registered successfully now you can log in !');
Redirect::to('index.html');
}catch(Exception $e){
die($e->getMessage());
}
}
?>
hash.php
<?php
class Hash{
public static function make($string, $salt = ''){
return hash('sha256', $string . $salt);
}
public static function salt($length){
return mcrypt_create_iv($length);
}
public static function unique(){
return self::make(uniqid());
}
}
user.php
<?php
class User{
private $_db,
$_data,
$_sessionName,
$_cookieName,
$_isLoggedIn;
public function __construct($user = null){
$this->_db = DB::getInstance();
$this->_sessionName = Config::get('session/session_name');
$this->_cookieName = Config::get('remember/cookie_name');
if(!$user){
if(Session::exists($this->_sessionName)){
$user = Session::get($this->_sessionName);
if($this->find($user)){
$this->_isLoggedIn = true;
}else{
//process logout
}
}
}else{
$this->find($user);
}
}
public function create($fields = array()){
if(!$this->_db->insert('users', $fields)){
throw new Exception('There was a problem creating an account !');
}
}
public function find($user = null){
if($user){
$field = (is_numeric($user)) ? 'id' : 'uname';
$data = $this->_db->get('users', array($field, '=', $user));
if($data->count()){
$this->_data = $data->first();
return true;
}
return false;
}
}
public function login($username = null, $password = null, $remember = false ){
if(!$username && !$password && $this->exists()){
Session::put($this->_sessionName, $this->data()->id);
}else{
$user = $this->find($username);
if($user){
if($this->data()->pass === Hash::make($password, $this->data()->salt)){
Session::put($this->_sessionName, $this->data()->id);
if($remember){
$hash = Hash::unique();
$hashCheck = $this->_db->get('users_session', array('user_id', '=', $this->data()->id));
if(!$hashCheck->count()){
$this->_db->insert('users_session',array(
'user_id' => $this->data()->id,
'hash' => $hash
));
}else{
$hash = $hashCheck->first()->hash;
}
Cookie::put($this->_cookieName, $hash, Config::get('remember/cookie_expiry'));
}
return true;
}
}
}
return false;
}
public function exists(){
return (!empty($this->_data)) ? true : false;
}
public function logout(){
$this->_db->delete('users_session', array('user_id', '=', $this->data()->id));
Session::delete($this->_sessionName);
Cookie::delete($this->_cookieName);
}
public function data(){
return $this->_data;
}
public function isLoggedIn(){
return $this->_isLoggedIn;
}
}
可能导致问题的原因...
检查您的 hash 功能是否被您的虚拟主机上的 PHP 安装支持。
您可以在 salt 函数中尝试这个 - bin2hex(mcrypt_create_iv(30, MCRYPT_DEV_RANDOM))
我创建了一个可以下载电影和电视剧的小网站。我在那里添加了一个用户注册和登录系统。我使用 xampp 最新版本(php 版本 5.6.19)查看网站。在注册 php 文件中,我添加了密码加盐技术。它在 xampp 中完美运行。在我托管我的网站后,它没有用。密码盐不会生成并存储在数据库中。但用户名、电子邮件和密码已成功进入数据库。
register.php
<?php
require_once 'core/init.php';
if(Input::exists()){
$user = new User();
$salt = Hash::salt(32);
try{
$user->create(array(
'uname' => Input::get('uname'),
'mail' => Input::get('mail'),
'pass' => Hash::make(Input::get('pass'), $salt),
'salt' => $salt
));
Session::flash('home', 'You have registered successfully now you can log in !');
Redirect::to('index.html');
}catch(Exception $e){
die($e->getMessage());
}
}
?>
hash.php
<?php
class Hash{
public static function make($string, $salt = ''){
return hash('sha256', $string . $salt);
}
public static function salt($length){
return mcrypt_create_iv($length);
}
public static function unique(){
return self::make(uniqid());
}
}
user.php
<?php
class User{
private $_db,
$_data,
$_sessionName,
$_cookieName,
$_isLoggedIn;
public function __construct($user = null){
$this->_db = DB::getInstance();
$this->_sessionName = Config::get('session/session_name');
$this->_cookieName = Config::get('remember/cookie_name');
if(!$user){
if(Session::exists($this->_sessionName)){
$user = Session::get($this->_sessionName);
if($this->find($user)){
$this->_isLoggedIn = true;
}else{
//process logout
}
}
}else{
$this->find($user);
}
}
public function create($fields = array()){
if(!$this->_db->insert('users', $fields)){
throw new Exception('There was a problem creating an account !');
}
}
public function find($user = null){
if($user){
$field = (is_numeric($user)) ? 'id' : 'uname';
$data = $this->_db->get('users', array($field, '=', $user));
if($data->count()){
$this->_data = $data->first();
return true;
}
return false;
}
}
public function login($username = null, $password = null, $remember = false ){
if(!$username && !$password && $this->exists()){
Session::put($this->_sessionName, $this->data()->id);
}else{
$user = $this->find($username);
if($user){
if($this->data()->pass === Hash::make($password, $this->data()->salt)){
Session::put($this->_sessionName, $this->data()->id);
if($remember){
$hash = Hash::unique();
$hashCheck = $this->_db->get('users_session', array('user_id', '=', $this->data()->id));
if(!$hashCheck->count()){
$this->_db->insert('users_session',array(
'user_id' => $this->data()->id,
'hash' => $hash
));
}else{
$hash = $hashCheck->first()->hash;
}
Cookie::put($this->_cookieName, $hash, Config::get('remember/cookie_expiry'));
}
return true;
}
}
}
return false;
}
public function exists(){
return (!empty($this->_data)) ? true : false;
}
public function logout(){
$this->_db->delete('users_session', array('user_id', '=', $this->data()->id));
Session::delete($this->_sessionName);
Cookie::delete($this->_cookieName);
}
public function data(){
return $this->_data;
}
public function isLoggedIn(){
return $this->_isLoggedIn;
}
}
可能导致问题的原因...
检查您的 hash 功能是否被您的虚拟主机上的 PHP 安装支持。
您可以在 salt 函数中尝试这个 - bin2hex(mcrypt_create_iv(30, MCRYPT_DEV_RANDOM))