小贝子编程

显示来自数据库的非哈希密码


<?php
if(isset($_GET['edit_user'])){
$the_user_id = $_GET['edit_user'];

$query = "SELECT * FROM users WHERE user_id = $the_user_id ";
$select_user_by_id = mysqli_query($connection, $query);
test_query($select_user_by_id);

while($row = mysqli_fetch_assoc($select_user_by_id)){
$user_id = $row['user_id'];
$user_username = $row['user_username'];
$user_firstname = $row['user_firstname'];
$user_lastname = $row['user_lastname'];
$user_image = $row['user_image'];
$user_email = $row['user_email'];
$user_password = $row['user_password'];
$user_role = $row['user_role'];

}

if(isset($_POST['update_user'])){
$user_username = $_POST['user_username'];
$user_firstname = $_POST['user_firstname'];
$user_lastname = $_POST['user_lastname'];
$user_image = $_FILES['user_image']['name'];
$user_image_temp = $_FILES['user_image']['tmp_name'];
$user_email = $_POST['user_email'];
$user_password = $_POST['user_password'];
$user_role = $_POST['user_role'];
move_uploaded_file($user_image_temp, "../images/$user_image");
if(empty($user_image)){
$query = "SELECT * FROM users WHERE user_id = $the_user_id ";
$select_image = mysqli_query($connection, $query);

while($row = mysqli_fetch_assoc($select_image)){
$user_image = $row['user_image'];
}
}
$query = "SELECT user_randomhash FROM users";
$select_rand_query = mysqli_query($connection, $query);
$row = mysqli_fetch_array($select_rand_query);
$salt = $row['user_randomhash'];
$hashed_password = crypt($user_password, $salt);
$query = "UPDATE users SET ";
$query .= "user_username = '{$user_username}', ";
$query .= "user_firstname = '{$user_firstname}', ";
$query .= "user_lastname = '{$user_lastname}', ";
$query .= "user_image = '{$user_image}', ";
$query .= "user_email = '{$user_email}', ";
$query .= "user_password = '{$hashed_password}', ";
$query .= "user_role = '{$user_role}' ";
$query .= "WHERE user_id = {$the_user_id} ";
$update_users = mysqli_query($connection, $query);
test_query($update_users);
header("Location: users.php?source=edit_user&edit_user=$user_id");
}
}
?>

你好,如果有人可以帮助我那里,这段代码的目标是编辑用户,这是正常工作的一切,但是,我想要别的东西,我散列了我的密码或加密了我的密码,以确保它,$hashed_password = crypt($user_password, $salt);!

所以现在的问题是,当我更新整个用户,再次去编辑,我想显示我真实的密码在密码的特定块,而不是从SQL或数据库散列密码!如果需要,我会提供更多的信息!

谢谢!

您无法在合理的时间内恢复散列密码的纯文本,这就是散列密码的全部意义所在。请阅读这篇文章以获得解释。

相关内容

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium