本文介绍了密码不检查区分大小写的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我在我创建的网站上有一个登录表单.我使用 PHP 来验证密码,密码存储在 MYSQL 数据库中.我面临的问题是密码不区分大小写.它接受不带字符的字符考虑到这种情况.我使用的是 Kubuntu linux 操作系统

I have a login form in a website which I have created.I have used PHP for verifying password,and password is stored in MYSQL database.The problem i'm facing is Password is not case sensitive.It accepts the characters without considering the case.I'm using Kubuntu linux OS

有人可以帮忙解决这个问题吗?我应该在 mysql/my.cnf 中为 COLLATION 使用什么值来避免这种情况?或者有其他解决方案吗?

Could anyone please help to solve this problem?.What value I should use for COLLATION in mysql/my.cnf to avoid this?Or is there any other solution for this?

非常感谢任何帮助.

谢谢.

推荐答案

您的 MySQL 排序规则可能不区分大小写.将存储密码的列更改为区分大小写的排序规则.

Your MySQL collation is probably case-insensitive. Change the column where the password is stored to a case-sensitive collation.

一些经验法则:

  • 当归类以 _ci 结尾时,不区分大小写.
  • 当归类以 _cs 结尾时,它区分大小写.

示例:

  • utf8_general_ci 不区分大小写.
  • utf8_bin 区分大小写

如果您遇到此问题,您可能存储的密码有误.您不应以纯文本形式存储密码,而应存储密码的哈希值,并对其进行适当的加盐.

If you are experiencing this problem, you are probably storing the passwords wrong. You should not store the passwords in plain text, but you should store a hash of the password instead, and salt it properly.

然后,当用户登录时,您对他的条目进行散列,并将散列与您的数据库保存的内容进行比较.当两者相等时,用户可能输入了正确的密码.

Then, when a user logs in, you hash his entry, and compare the hash with what your DB holds. When both equal, the user probably entered a correct password.

这篇关于密码不检查区分大小写的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

09-02 14:24