我有两个脚本,一个是verify.php和一个register.php。使用password_hash和SHA256加密和解密
在我的注册页面,我用这个..
$salt = hash('sha256', uniqid(mt_rand(), true) . $email);
$storedHash = $salt . $password;
for ($i = 0; $i < 50000; $i ++)
{
$storedHash = hash('sha256', $storedHash);
}
$sql = "INSERT INTO authentication (email, password, fname, lname, created_at) VALUES ('$email', '$storedHash', '$fname', '$lname', '$today')";
这里是我的用户登录类..
include 'dbinclude.php';
// Class User
class user {
var $username;
var $password;
var $hashed;
var $salt;
function loginUser() {
require 'dbinclude.php';
$sql = "SELECT * FROM authentication WHERE email='" . $this->u