使用 MD5 更改密码形式？

发布于 2024-11-29 21:07:50 字数 878 浏览 0 评论 0原文

我有更改用户密码的 php 代码。但是在我尝试了代码之后...提交新密码时..新密码在sql数据库中显示...我希望它是md5代码密码。你能用我的代码解决这个问题吗

if($_REQUEST['do'] == 'edit')
{
        $title = 'change password';
        $page  = $_POST['page'];
        $userId = safe($_POST['userId']);
        $passwd = safe($_POST['password']);
        $email  = safe($_POST['Email']);
        $passw2 = $_POST['password2'];

        if(md5($passwd) == $_SESSION['user']['password'])
        {
            if(empty($passw2))
            {
                $pass = $_SESSION['user']['password'];
            }
            else
            {
                $pass = $passw2;
            }
            $query = $db->query("UPDATE users SET email = '".$email."' , password = '".$pass."' WHERE Id = '".$userId."' ");
            if($query)
            {
                $msg = "password changed successfully";
            }

原文

I have the php code for changing user password. but after I tried the code... when submitting the new password.. the new password became revealed in the sql database ... I want it to be in md5 code password. can you please fix the problem with my code

if($_REQUEST['do'] == 'edit')
{
        $title = 'change password';
        $page  = $_POST['page'];
        $userId = safe($_POST['userId']);
        $passwd = safe($_POST['password']);
        $email  = safe($_POST['Email']);
        $passw2 = $_POST['password2'];

        if(md5($passwd) == $_SESSION['user']['password'])
        {
            if(empty($passw2))
            {
                $pass = $_SESSION['user']['password'];
            }
            else
            {
                $pass = $passw2;
            }
            $query = $db->query("UPDATE users SET email = '".$email."' , password = '".$pass."' WHERE Id = '".$userId."' ");
            if($query)
            {
                $msg = "password changed successfully";
            }

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

欢烬 2024-12-06 21:07:50

替换

$pass = $passw2;

为

$pass = hash('md5', $passw2);

Replace

$pass = $passw2;

with

$pass = hash('md5', $passw2);

回复收藏 0 原文

水溶 2024-12-06 21:07:50

$_SESSION['user']['password'] 被（假设）编码为 MD5，但从用户表单中获取的 passw2 是普通的。

您需要更改

$pass = $passw2;

为

$pass = md5($passw2);

在将密码提交到数据库之前，将密码编码为 md5。
并且使用新密码更改 $_SESSION['user']['password'] 或用户在同一会话中只能更改一次密码。

The $_SESSION['user']['password'] is (is suppoused) encoded as MD5 but the passw2 fetched from the user form is plain.

you need to change

$pass = $passw2;

$pass = md5($passw2);

to enconde as md5 the password before submit it to the database.
And also change the $_SESSION['user']['password'] with the new password or the user can change only one time the password in the same session.

回复收藏 0 原文

~没有更多了~