加密密码列表
我有一个充满用户的数据库,我为使用代码生成了密码:
UPDATE users SET password = SUBSTRING(MD5(RAND()) FROM 1 FOR 8)
我制作了另一个表,其中仅包含用户电子邮件/密码以供快速参考
我现在想要加密主用户表上的密码。我尝试使用以下代码执行此操作,但它不起作用。有什么问题吗?
$query = "SELECT * FROM usersreference";
$result = mysql_query($query);
while ($row = mysql_fetch_array($result)) {
$password = $row['password'];
$email = $row['email'];
$encrypted_password = md5($password);
}
$query = 'UPDATE users SET password = "' . $encrypted_password . '" WHERE email = "' . $email . '"';
$result = mysql_query($query);
if (mysql_affected_rows() == 1) {
header('Location: index.php?page=Admin');
} else {
die("there was a problem");
}
mysql_close();
I have a database full of users who I generated passwords for using the code:
UPDATE users SET password = SUBSTRING(MD5(RAND()) FROM 1 FOR 8)
I made another table with just the users email / passwords for quick reference
I now want to encrypt the passwords on the main user table. I attempted this with the following code but it doesn't work. What's wrong with it?
$query = "SELECT * FROM usersreference";
$result = mysql_query($query);
while ($row = mysql_fetch_array($result)) {
$password = $row['password'];
$email = $row['email'];
$encrypted_password = md5($password);
}
$query = 'UPDATE users SET password = "' . $encrypted_password . '" WHERE email = "' . $email . '"';
$result = mysql_query($query);
if (mysql_affected_rows() == 1) {
header('Location: index.php?page=Admin');
} else {
die("there was a problem");
}
mysql_close();
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
您可以使用 SQL 加密所有密码:
顺便说一句,PHP 代码中的 SQL 查询不起作用,因为
password是 MySQL 中的保留字,因此您需要反引号引用它。You can encrypt all passwords using SQL:
Btw, the SQL query in your PHP code doesn't work because
passwordis a reserved word in MySQL so you need to backtick-quote it.第一:“不起作用”没有帮助。您应该确定什么不起作用。您应该为自己定义在程序的每个阶段您期望看到什么以及实际得到什么。然后你就可以确定这两件事的分歧点。
问题 1:循环遍历选择查询的所有用户,但仅将最后一个用户保存到变量中。此外,如果您的选择不返回任何行,那么您将使用未初始化的变量执行更新。
问题 2:您的表中有一个名为“password”的列。这是mysql的保留关键字。您可以使用该名称,但您应该像这样引用它:
它可以在没有引号的情况下工作,但为什么要冒险......
除此之外,您的更新查询看起来是正确的。如果它没有更新任何内容,您应该使用 mysql 命令行或 phpmyadmin 等管理工具来测试运行它。
First: "Doesn't work" in not helpful. You should determine what doesn't work. You should define for yourself what you expect to see and what you actually get at every point of your program. Then you can determine where the two things diverge.
Issue 1: You loop through all users of your select query but only save the last one into your variable. Also if your select does not return any rows then you'll be performing the update with uninitialized variables.
Issue 2: Your table has a column named "password". That is a reserved keyword with mysql. You can use that name but you should reference it like this instead:
It can work without the quotes but why take chances...
Other than that your update query looks correct. If it doesn't update anything you should test run it using the mysql command line or a management tool like phpmyadmin.
其他人已经给出解决方案了。但你的代码似乎也是错误的。您仅更新最后的结果。您应该将更新查询放在 while 循环中:
The others already gave solutions. But your code seems to be wrong too. You are only updating the last result. You should put the update query in the while loop: