php 显示数据库中的非散列密码[重复]

yh2wf1be  于 2023-04-10  发布在  PHP
关注(0)|答案(1)|浏览(105)

此问题已在此处有答案

How to show hashed password(5个答案)
16小时前关闭.

<?php

if(isset($_GET['edit_user'])){
    $the_user_id = $_GET['edit_user'];

$query = "SELECT * FROM users WHERE user_id = $the_user_id ";
$select_user_by_id = mysqli_query($connection, $query);
test_query($select_user_by_id);

while($row = mysqli_fetch_assoc($select_user_by_id)){
    $user_id = $row['user_id'];
    $user_username = $row['user_username'];
    $user_firstname = $row['user_firstname'];
    $user_lastname = $row['user_lastname'];
    $user_image = $row['user_image'];
    $user_email = $row['user_email'];
    $user_password = $row['user_password'];
    $user_role = $row['user_role'];
    
}


if(isset($_POST['update_user'])){

    $user_username = $_POST['user_username'];
    $user_firstname = $_POST['user_firstname'];
    $user_lastname = $_POST['user_lastname'];
    $user_image = $_FILES['user_image']['name'];
    $user_image_temp = $_FILES['user_image']['tmp_name'];
    $user_email = $_POST['user_email'];
    $user_password = $_POST['user_password'];
    $user_role = $_POST['user_role'];

    move_uploaded_file($user_image_temp, "../images/$user_image");

    if(empty($user_image)){

        $query = "SELECT * FROM users WHERE user_id = $the_user_id ";
        $select_image = mysqli_query($connection, $query);
        
        while($row = mysqli_fetch_assoc($select_image)){
            $user_image = $row['user_image'];
        }

    }

    $query = "SELECT user_randomhash FROM users";
    $select_rand_query = mysqli_query($connection, $query);

    $row = mysqli_fetch_array($select_rand_query);
        $salt = $row['user_randomhash'];
        $hashed_password = crypt($user_password, $salt);

    $query = "UPDATE users SET ";
    $query .= "user_username = '{$user_username}', ";
    $query .= "user_firstname = '{$user_firstname}', ";
    $query .= "user_lastname = '{$user_lastname}', ";
    $query .= "user_image = '{$user_image}', ";
    $query .= "user_email = '{$user_email}', ";
    $query .= "user_password = '{$hashed_password}', ";
    $query .= "user_role = '{$user_role}' ";
    $query .= "WHERE user_id = {$the_user_id} ";

    $update_users = mysqli_query($connection, $query);

    test_query($update_users);
    header("Location: users.php?source=edit_user&edit_user=$user_id");
}

}

?>

你好,如果有人可以帮助我,这段代码的目标是编辑用户,这一切都很好,但是,我想要别的东西,我散列我的密码或加密我的密码什么,以确保它,$hashed_password = crypt($user_password, $salt);与此!
所以现在的问题是,当我更新整个用户,并再次去编辑,我想告诉我真实的的密码在密码的特定块,而不是从SQL或数据库散列密码!我会提供更多的信息,如果需要的!
还是谢谢你!

rdlzhqv9

rdlzhqv91#

您无法在合理的时间内恢复散列密码的纯文本,这就是散列密码的全部意义。Read this解释。

相关问题