找到你要的答案

Q:Yii Password Encryption

Q:Yii的密码加密

I can't understnad why this is not working. This code snippt is in my userscontroller.php Does it need to be elsewhere?

public function actionCreate()
{
    $model=new Users;

    // Uncomment the following line if AJAX validation is needed
    // $this->performAjaxValidation($model);

    if(isset($_POST['Users']))
    {
        $model->attributes=$_POST['Users'];
        $model->password = crypt_SHA_512($model->password,'salt');
        if($model->save())
            $this->redirect(array('view','id'=>$model->users_id));
    }

    $this->render('create',array(
        'model'=>$model,
    ));
}

我不明白为什么这是不工作的。此代码snippt是我userscontroller.php是否需要其他地方?

public function actionCreate()
{
    $model=new Users;

    // Uncomment the following line if AJAX validation is needed
    // $this->performAjaxValidation($model);

    if(isset($_POST['Users']))
    {
        $model->attributes=$_POST['Users'];
        $model->password = crypt_SHA_512($model->password,'salt');
        if($model->save())
            $this->redirect(array('view','id'=>$model->users_id));
    }

    $this->render('create',array(
        'model'=>$model,
    ));
}
answer1: 回答1:

You are making one mistake of not handling errors, and this is why you cannot understand why this is not working.

Use this snippet to understand why.

 if($model->save())
     $this->redirect(array('view','id'=>$model->users_id));
 else
     print_r($model->getErrors());

The correct way would be to call the model validate() function before saving, and display the error in your view.

 if ($model->validate()) {
    if ($model->save()) {
        $this->redirect(array('view','id'=>$model->users_id));
    }
 }

 $this->render('create',array(
        'model'=>$model
 ));

and in your view :

<?php 
    $form=$this->beginWidget('CActiveForm' ...);
 ?>

  <?php echo $form->errorSummary($model); ?>

  <div class="row">
      <?php echo $form->labelEx($model,'username'); ?>
      <?php echo $form->textField($model,'username'); ?>
      <?php echo $form->error($model,'username'); ?>
  </div>

你犯了一个错误,不处理错误,这就是为什么你不能理解为什么这是不工作。

使用这段代码的理解。

 if($model->save())
     $this->redirect(array('view','id'=>$model->users_id));
 else
     print_r($model->getErrors());

正确的方法是在保存之前调用模型validate()功能,并在你的视图中显示的错误。

 if ($model->validate()) {
    if ($model->save()) {
        $this->redirect(array('view','id'=>$model->users_id));
    }
 }

 $this->render('create',array(
        'model'=>$model
 ));

在你看来:

<?php 
    $form=$this->beginWidget('CActiveForm' ...);
 ?>

  <?php echo $form->errorSummary($model); ?>

  <div class="row">
      <?php echo $form->labelEx($model,'username'); ?>
      <?php echo $form->textField($model,'username'); ?>
      <?php echo $form->error($model,'username'); ?>
  </div>
answer2: 回答2:

Generate a salt and encode password by:

$salt = substr(str_shuffle("./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345‌​6789"), 0, 8);
$model->password = crypt($passwordInput, '$6$'.$salt);// '$6$' for SHA_512

And for confirmation:

if (crypt($passwordInput, $hashed) == $hashed) { 
  // Valid action
} else { 
  // Invalid action
}

Alternatively:

You can use Yii password helper.

Hash your password by:

$model->password = CPasswordHelper::hashPassword($password);

And for confirmation:

if (CPasswordHelper::verifyPassword($password, $hash))
    // password is good
else
    // password is bad

生成一个盐和密码:

$salt = substr(str_shuffle("./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345‌​6789"), 0, 8);
$model->password = crypt($passwordInput, '$6$'.$salt);// '$6$' for SHA_512

并确认:

if (crypt($passwordInput, $hashed) == $hashed) { 
  // Valid action
} else { 
  // Invalid action
}

另外:

你可以使用Yii密码助手。

散列您的密码:

$model->password = CPasswordHelper::hashPassword($password);

并确认:

if (CPasswordHelper::verifyPassword($password, $hash))
    // password is good
else
    // password is bad
php  yii