我自己做了一个网站,但是要访问是ecshop的users表来实现登录,但是ecshop的users密码加密了,查看了ecshop的compile_password方法,还是不明白该怎么使用加密这个方法。<?php
function compile_password ($cfg)
{
//var_dump($cfg);
if (isset($cfg['password']))
{
$cfg['md5password'] = md5($cfg['password']);
}
if (empty($cfg['type']))
{
$cfg['type'] = PWD_MD5;
} switch ($cfg['type'])
{
case PWD_MD5 :
if(!empty($cfg['ec_salt']))
{
return md5($cfg['md5password'].$cfg['ec_salt']);
}
else
{
return $cfg['md5password'];
} case PWD_PRE_SALT :
if (empty($cfg['salt']))
{
$cfg['salt'] = '';
} return md5($cfg['salt'] . $cfg['md5password']); case PWD_SUF_SALT :
if (empty($cfg['salt']))
{
$cfg['salt'] = '';
} return md5($cfg['md5password'] . $cfg['salt']); default:
return '';
}
}
$con=mysql_connect("localhost","admin","");if (!$con){
die('Could not connect: ' . mysql_error());
}
$command=mysql_select_db("yihaichao",$con);
mysql_query('SET NAMES gbk');
if(!$command){
exit('连接数据库失败');
}
if(!isset($_POST['submit'])){
exit('传值失败');
}
$passowrd=$_POST['password'];
$username=$_POST['username'];
$passowrd=md5($password);
echo $passowrd;
if($username && $passowrd){
$result = mysql_query("SELECT * FROM yhc_users WHERE user_name='$username' and password='$password'");
$row=mysql_num_rows($result);
if($row){
echo "<script language=javascript>alert('登录成功');history.back();</script>";
//header("refresh:0;url=login.php");
//exit;
}
echo "<script language=javascript>alert('账户或者密码错误');history.back();</script>";
}else{
echo "<script language=javascript>alert('不能为空');history.back();</script>";
}?>
function compile_password ($cfg)
{
//var_dump($cfg);
if (isset($cfg['password']))
{
$cfg['md5password'] = md5($cfg['password']);
}
if (empty($cfg['type']))
{
$cfg['type'] = PWD_MD5;
} switch ($cfg['type'])
{
case PWD_MD5 :
if(!empty($cfg['ec_salt']))
{
return md5($cfg['md5password'].$cfg['ec_salt']);
}
else
{
return $cfg['md5password'];
} case PWD_PRE_SALT :
if (empty($cfg['salt']))
{
$cfg['salt'] = '';
} return md5($cfg['salt'] . $cfg['md5password']); case PWD_SUF_SALT :
if (empty($cfg['salt']))
{
$cfg['salt'] = '';
} return md5($cfg['md5password'] . $cfg['salt']); default:
return '';
}
}
$con=mysql_connect("localhost","admin","");if (!$con){
die('Could not connect: ' . mysql_error());
}
$command=mysql_select_db("yihaichao",$con);
mysql_query('SET NAMES gbk');
if(!$command){
exit('连接数据库失败');
}
if(!isset($_POST['submit'])){
exit('传值失败');
}
$passowrd=$_POST['password'];
$username=$_POST['username'];
$passowrd=md5($password);
echo $passowrd;
if($username && $passowrd){
$result = mysql_query("SELECT * FROM yhc_users WHERE user_name='$username' and password='$password'");
$row=mysql_num_rows($result);
if($row){
echo "<script language=javascript>alert('登录成功');history.back();</script>";
//header("refresh:0;url=login.php");
//exit;
}
echo "<script language=javascript>alert('账户或者密码错误');history.back();</script>";
}else{
echo "<script language=javascript>alert('不能为空');history.back();</script>";
}?>
解决方案 »
- 菜鸟请教一个PHP的问题
- 有人在用新浪云或者阿里云的托管应用吗?
- ob_start()和flush()的apache和IIS中效果不同的问题?
- 怎么找出数组中重复了的值是什么什么值?
- 请教一个伪静态规则的写法
- PHP中转义字符及变量无效的问题?
- 安装mysql5.0时,选择哪个字符集,是默认的latin1还是选择gbk?
- 有这样的sql语法吗?id等于1 2 3,三记录同时存在。
- apache 2.2.0+mysql 5.0.18+php 5.1.1编译安装成功
- 各位,我始终不明白为什么在PHP,JSP里面,有了SESSION,还要用COOKIE?
- php中js的alert()弹出乱码,而页面其他部分是正常的
- 关于curl时提示“ couldn't connect to host ”的错误信息
如果你需要知道如何使用,这少要找到使用的地方。瞎猜是没有用的2、$passowrd=$_POST['password'];
$username=$_POST['username'];
$passowrd=md5($password);
echo $passowrd;
if($username && $passowrd){
$result = mysql_query("SELECT * FROM yhc_users WHERE user_name='$username' and password='$password'");只是使用了口令的MD5值另外 if($username && $passowrd){
是残废的,空串也有MD5值,$passowrd 不可能为空,无需检查