php登陆页的密码处理方式分享

242 查看

控制器里面:elseif(!$model->validatePassword($data->password))

复制代码 代码如下:

<?php

 

class XBaseModel extends CActiveRecord
{
    /**
     * 检测用户密码
     *
     * @return boolean
     */
    public function validatePassword ($password)
    {
        return $this->hashPassword($this->password) === $password;
    }

    /**
     * 密码进行加密
     * @return string password
     */
    public function hashPassword ($password)
    {
        return md5($password);
    }

}

或是:

if ($user && $user->password == $user->hashPassword($this->password, $user->salt)) {

复制代码 代码如下:

public function validatePassword($password) {
        return $this->hashPassword($password, $this->salt) === $this->password;
    }

 public function hashPassword($password, $salt) {
        return md5(md5($password) . $salt);
    }

public function generateSalt() {
$str = '1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$len = strlen($str) - 1;
$string = '';
for ($i = 0; $i < 6; $i++) {
$string .= $str[mt_rand(0, $len)];
}
return $string;
}

或是:

复制代码 代码如下:

public function validatePassword($password) {

        return $this->hashPassword($password,$this->salt)===$this->password;
    }

 
    public function hashPassword($password,$salt)
    {
        return md5($salt.$password);
    }

 
    protected function generateSalt()
    {
        return uniqid('',true);
    }

注意:如果有salt,数据库里面字段要有salt。。