php - md5 doesnt work with certain characters -
I have established the login / registration script for my website and I used MD5 to encrypt my password I'm just setting up a change password section above but it was seen that I can only change my password when it has alphanumerics. For example if my old password stack was 123 and I changed it to overflow 123 then it would work perfectly. But if I change it from stack 123 to stack! This will not happen and for this reason, this will not be guessed because of an exclamation mark in this case. Can anyone tell me why this happens? Do not use MD5 You should use new or better (if you have less)
Less than PHP 5.5) To make the password more secure, use a different salt for every user (this is only a string filled with random characters) and it prevents passwords in the database.
This is a function to generate a random string (the length of $ determines the length of the string returned):
generated function ($ length) {$ Dummy = array_merge (category ('0', '9'), range ('a', 'z'), range ('a', 'z')); Shuffle ($ dummy); Return substrate (implode ('', $ dummy), 0, $ length); }
This is a code snippet for PHP hashing API:
function my_password_hash ($ salt, $ password) {$ phpapi_options = array ("algo "= & Gt; PASSWORD_BCRYPT," salt "=> mcrypt_create_iv (22, MCRYPT_DEV_URANDOM)," cost "=> 11); Return password_hash (sha1 ($ salt. $ Password), $ phpapi_options ['algo'], $ phpapi_options); } Function my_password_verify ($ salt, $ password, $ hash) {return password_verify (sha1 ($ salt. $ Password), $ hash); }
my_password_hash () creates a hash for the given salt and password My_password_verify () with the hash stored password (user input) and salt (from db) in your database Verifies.
This is a code snippet with hash_hmac ():
function my_password_hash ($ salt, $ password) {$ hash_key = ""; // Define a 10 character long random generated string here (it should always be the same) if (empty ($ hash_key)) (die ('you have to enter a valid hash key');} return hash_mahac ("sha 512 ", sha1 ($ salt. $ Password), $ hash_key);} function my_password_verify ($ salt, $ password, $ hash) {if ($ hash == my_password_hash ($ salt, $ password)) {return true; } Other {return false;}}
I hope this helps a bit, if not, or if you have any questions, just ask Cen.
Comments
Post a Comment