Generally, our encryption adopts the MD5 encryption method: MD5 (variable ). However, yesterday we needed to integrate discuz's Forum and see that its encryption method is also like MD5, but the simple 123 encryption could not be decrypted. Later, I checked it online and found that it is not just a simple MD5 encryption, but an "MD5 + random ". Of course, this is safer.
The website is secure,ProgramNaturally, it's complicated...
Discuz encryption method: MD5 ($ password). $ salt), $ salt is a 6-digit random number.
When registering, use MD5 ($ password) as the user's password ). $ salt) encryption. $ salt is a 6-digit random number. here is one of my methods to obtain a 6-digit random number:
Function
Randstr ($ Len = 6 ){
$ Chars = 'abcdefghijklmnopqrstuvwxyz0123456789 ';
//
Characters to build the password from
Mt_srand (double) microtime () * 1000000 * getmypid ());
// Seed the random
Number generater (must be done)
$ Password = '';
While (strlen ($ password) <$ Len)
$ Password. = substr ($ chars, (mt_rand () % strlen ($ chars), 1 );
Return $ password;
}< br> $ salt = randstr (); assign randstr () to $ salt, and then use MD5 (MD5 (the password submitted by the member ). $ salt) encryption is enough, but do not forget to store $ salt in the database (uc_members table ).
during login, $ salt is retrieved based on the user name, And the password is matched with MD5 (MD5 (password submitted by the member). $ salt). If the password is the same, the login succeeds.