php 如何在 Laravel 中解密哈希密码
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/32701107/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to decrypt Hash Password in Laravel
提问by dev90
I have google this alot, but unfortunatilty found no working solution.
我已经谷歌了很多,但不幸的是没有找到有效的解决方案。
I know its a bad technique, but I need to send user its password by email.
我知道这是一种糟糕的技术,但我需要通过电子邮件向用户发送其密码。
I have manage to sent user Hash password, but i am unable to decrypt this password.
我已设法发送用户哈希密码,但我无法解密此密码。
The following is the procedure i am using.
以下是我正在使用的程序。
$results = DB::select("select * from dockl_users where email='" . Input::get('email') ."';");
foreach($results as $data){
$password= $data->password;
$email= $data->email;
}
Mail::send('passwordRecovery', array('email' =>$password), function($message)
{
$message->to(Input::get('email') )->subject('Password Recovery');
});
The above code send Encryptedpassword to the user by email but when i try to decrypt, it gives me following error message.
上面的代码Encrypted通过电子邮件将密码发送给用户,但是当我尝试解密时,它给了我以下错误消息。
$decrypt= Crypt::decrypt($data->password);
Invalid data.
无效数据。
throw new DecryptException("Invalid data.");
Kindly guide me how to achieve this..
请指导我如何实现这一目标..
回答by samlev
Short answer is that you don't 'decrypt' the password (because it's not encrypted - it's hashed).
简短的回答是你不“解密”密码(因为它没有加密 - 它是散列的)。
The long answer is that you shouldn't send the user their password by email, or any other way. If the user has forgotten their password, you should send them a password resetemail, and allow them to change their password on your website.
长的答案是你不应该通过电子邮件或任何其他方式向用户发送他们的密码。如果用户忘记了密码,您应该向他们发送密码重置电子邮件,并允许他们在您的网站上更改密码。
Laravel has most of this functionality built in (see the Laravel documentation- I'm not going to replicate it all here. Also available for versions 4.2and 5.0of Laravel).
Laravel 内置了大部分功能(请参阅Laravel 文档- 我不会在这里全部复制。也可用于Laravel 4.2和5.0版)。
For further reading, check out this 'blogoverflow' post: Why passwords should be hashed.
如需进一步阅读,请查看这篇 'blogoverflow' 帖子:Why passwords should be hashed。
回答by Alex
For compare hashed password with the plain text password string you can use the PHP password_verify
为了将散列密码与纯文本密码字符串进行比较,您可以使用 PHP password_verify
if(password_verify('1234567', $crypt_password_string)) {
// in case if "$crypt_password_string" actually hides "1234567"
}
