我自己做了一个网站,但是要访问是ecshop的users表来实现登录,但是ecshop的users密码加密了,查看了ecshop的compile_password方法,还是不明白该怎么使用加密这个方法。<?php
function compile_password ($cfg)
{
//var_dump($cfg);
if (isset($cfg['password']))
{
$cfg['md5password'] = md5($cfg['password']);
}
if (empty($cfg['type']))
{
$cfg['type'] = PWD_MD5;
} switch ($cfg['type'])
{
case PWD_MD5 :
if(!empty($cfg['ec_salt']))
{
return md5($cfg['md5password'].$cfg['ec_salt']);
}
else
{
return $cfg['md5password'];
} case PWD_PRE_SALT :
if (empty($cfg['salt']))
{
$cfg['salt'] = '';
} return md5($cfg['salt'] . $cfg['md5password']); case PWD_SUF_SALT :
if (empty($cfg['salt']))
{
$cfg['salt'] = '';
} return md5($cfg['md5password'] . $cfg['salt']); default:
return '';
}
}
$con=mysql_connect("localhost","admin","");if (!$con){
die('Could not connect: ' . mysql_error());
}
$command=mysql_select_db("yihaichao",$con);
mysql_query('SET NAMES gbk');
if(!$command){
exit('连接数据库失败');
}
if(!isset($_POST['submit'])){
exit('传值失败');
}
$passowrd=$_POST['password'];
$username=$_POST['username'];
$passowrd=md5($password);
echo $passowrd;
if($username && $passowrd){
$result = mysql_query("SELECT * FROM yhc_users WHERE user_name='$username' and password='$password'");
$row=mysql_num_rows($result);
if($row){
echo "<script language=javascript>alert('登录成功');history.back();</script>";
//header("refresh:0;url=login.php");
//exit;
}
echo "<script language=javascript>alert('账户或者密码错误');history.back();</script>";
}else{
echo "<script language=javascript>alert('不能为空');history.back();</script>";
}?>
function compile_password ($cfg)
{
//var_dump($cfg);
if (isset($cfg['password']))
{
$cfg['md5password'] = md5($cfg['password']);
}
if (empty($cfg['type']))
{
$cfg['type'] = PWD_MD5;
} switch ($cfg['type'])
{
case PWD_MD5 :
if(!empty($cfg['ec_salt']))
{
return md5($cfg['md5password'].$cfg['ec_salt']);
}
else
{
return $cfg['md5password'];
} case PWD_PRE_SALT :
if (empty($cfg['salt']))
{
$cfg['salt'] = '';
} return md5($cfg['salt'] . $cfg['md5password']); case PWD_SUF_SALT :
if (empty($cfg['salt']))
{
$cfg['salt'] = '';
} return md5($cfg['md5password'] . $cfg['salt']); default:
return '';
}
}
$con=mysql_connect("localhost","admin","");if (!$con){
die('Could not connect: ' . mysql_error());
}
$command=mysql_select_db("yihaichao",$con);
mysql_query('SET NAMES gbk');
if(!$command){
exit('连接数据库失败');
}
if(!isset($_POST['submit'])){
exit('传值失败');
}
$passowrd=$_POST['password'];
$username=$_POST['username'];
$passowrd=md5($password);
echo $passowrd;
if($username && $passowrd){
$result = mysql_query("SELECT * FROM yhc_users WHERE user_name='$username' and password='$password'");
$row=mysql_num_rows($result);
if($row){
echo "<script language=javascript>alert('登录成功');history.back();</script>";
//header("refresh:0;url=login.php");
//exit;
}
echo "<script language=javascript>alert('账户或者密码错误');history.back();</script>";
}else{
echo "<script language=javascript>alert('不能为空');history.back();</script>";
}?>
如果你需要知道如何使用,这少要找到使用的地方。瞎猜是没有用的2、$passowrd=$_POST['password'];
$username=$_POST['username'];
$passowrd=md5($password);
echo $passowrd;
if($username && $passowrd){
$result = mysql_query("SELECT * FROM yhc_users WHERE user_name='$username' and password='$password'");只是使用了口令的MD5值另外 if($username && $passowrd){
是残废的,空串也有MD5值,$passowrd 不可能为空,无需检查