php登陸頁的密碼處理方式分享

控制器裡面：elseif(!$model->validatePassword($data->password))

復制代碼 代碼如下:
<?php

 

class XBaseModel extends CActiveRecord
{
    /**
     * 檢測用戶密碼
     *
     * @return boolean
     */
    public function validatePassword ($password)
    {
        return $this->hashPassword($this->password) === $password;
    }

    /**
     * 密碼進行加密
     * @return string password
     */
    public function hashPassword ($password)
    {
        return md5($password);
    }

}

或是：

if ($user && $user->password == $user->hashPassword($this->password, $user->salt)) {

復制代碼 代碼如下:
public function validatePassword($password) {
        return $this->hashPassword($password, $this->salt) === $this->password;
    }

 public function hashPassword($password, $salt) {
        return md5(md5($password) . $salt);
    }

public function generateSalt() {
$str = '1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$len = strlen($str) - 1;
$string = '';
for ($i = 0; $i < 6; $i++) {
$string .= $str[mt_rand(0, $len)];
}
return $string;
}

或是：

復制代碼 代碼如下:
public function validatePassword($password) {

        return $this->hashPassword($password,$this->salt)===$this->password;
    }

 
    public function hashPassword($password,$salt)
    {
        return md5($salt.$password);
    }

 
    protected function generateSalt()
    {
        return uniqid('',true);
    }

注意：如果有salt，數據庫裡面字段要有salt。。