0
我得到不同的哈希值爲數據庫檢索的字符串和通過HTML表單提交相同的值。(顯然)相同的字符串不同的哈希
我在做什麼錯?
數據庫:
SET NAMES utf8;
SET foreign_key_checks = 0;
SET time_zone = '+05:30';
SET sql_mode = 'NO_AUTO_VALUE_ON_ZERO';
DROP TABLE IF EXISTS `fcb_task`;
CREATE TABLE `fcb_task` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`state` enum('unlocked','locked') CHARACTER SET latin1 NOT NULL,
`task_specific_notes` text CHARACTER SET latin1,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=ascii;
INSERT INTO `fcb_task` (`id`, `state`, `task_specific_notes`) VALUES
(529, 'unlocked', 'INCLUDED USERS:ONE USER PER LINE:\n1001921: Sudhamayi Gill\n1001931: Ananga Gupta\n----------------------------------------------------------------\nDESCRIPTION:\n elit ac molestie praesent convallis etiam metus in, augue sapien praesent pulvinar imperdiet class. sed fringilla eget pellentesque ullamcorper tincidunt congue dolor aliquet nulla, rutrum varius tortor dapibus mi gravida a sociosqu, cras ut sed curabitur sodales nibh feugiat sit. ipsum felis nam neque ultricies nibh libero luctus magna, mi arcu hendrerit purus consectetur duis etiam. molestie feugiat hac per semper sapien nisi etiam mollis, est sagittis auctor aliquet curae per pellentesque. luctus dolor magna eros dapibus facilisis massa cras molestie pulvinar, consequat suscipit rhoncus quisque lorem nulla diam odio ac nulla, tristique fermentum ut tempor faucibus fringilla eleifend scelerisque. \r\n erat sodales litora laoreet cursus mattis turpis duis metus ut iaculis, ipsum habitant fusce dui morbi in elit dictumst nisi tellus iaculis, praesent auctor senectus habitant pulvinar augue etiam augue ut. ad accumsan nunc etiam platea tempor at, enim aenean ultrices eleifend litora ad donec, gravida eleifend quis fames non. ut massa feugiat elementum ipsum rhoncus eleifend elit nibh etiam, semper dictumst adipiscing pulvinar nunc torquent eleifend donec. porttitor in et mauris dui ullamcorper at et tellus at, praesent neque turpis nisl arcu elit etiam ut consectetur, platea mauris gravida ante posuere sed accumsan mauris.\r\n\r\nnostra dapibus leo facilisis, iaculis. \r\n ut congue taciti suspendisse praesent auctor mauris massa vulputate, euismod nam tempus massa donec ornare dui nisi eleifend, augue suspendisse pharetra lectus conubia potenti lorem. in ad consequat consectetur integer odio hac, ipsum lobortis fames dolor aenean urna dictumst, vitae porta rhoncus netus hendrerit. accumsan vestibulum accumsan potenti convallis ullamcorper diam molestie, aliquam amet placerat neque faucibus magna sociosqu, praesent turpis odio praesent bibendum semper. lacinia mauris tellus dolor turpis cursus cubilia condimentum, aliquet neque lacus habitasse ultricies eget, dictum inceptos tincidunt consectetur nisi egestas. imperdiet nisl congue etiam accumsan felis, aliquet ornare fringilla curae rutrum, pellentesque risus maecenas eget. ');][1]
weirdsha1.php
<?php
$conn = mysqli_connect('localhost','root','toor','problem') or die("Connection Failed");
$result = mysqli_query($conn,"SELECT `task_specific_notes` FROM `fcb_task` LIMIT 1") or die("query failed");
$task_specific_notes = null;
while($row = mysqli_fetch_assoc($result)){
$task_specific_notes = $row['task_specific_notes'];
}
$post_SHA256 = 'Not calculated';
if($_SERVER['REQUEST_METHOD']=='POST'){
$post_SHA256 = hash('sha256',$_POST['task_specific_notes']);
}
?>
<!DOCTYPE html>
<html>
<body>
<form method="post">
<textarea readonly="readonly" name="task_specific_notes" rows="15" cols="80"><?php echo $task_specific_notes;?></textarea>
<br>
<input type="submit">
</form>
<p>sha256 of database value: <?php echo hash('sha256',$task_specific_notes); ?></p>
<p>sha256 of string submitted :<?php if(isset($post_SHA256)) echo $post_SHA256; ?></p>
</body>
</html>
我覺得字符編碼參與,但找不出確切的問題。
你應該用兩種文本的'的var_dump()'開始。 – jeroen
請將純文本作爲文本發佈,而不是截圖。重新調整以重現問題不會發生。 – tadman
有超過2000個字符必須在數據庫和'$ _POST'數據之間**絕對相同**嗎?摺疊的空格將會殺死匹配,因爲'newline'字符的變化 - 你確定這是你想要做的嗎?看起來......很脆弱。 – CD001