次のステートメントの使用法と、Zend Frameworkでの動作を教えてもらえますか?
setCredentialTreatment('SHA1(CONCAT(?、
salt
))');
次のステートメントの使用法と、Zend Frameworkでの動作を教えてもらえますか?
setCredentialTreatment('SHA1(CONCAT(?、
salt
))');
setCredentialTreatment
tells the auth adapter how to check the user supplied password against the one in the database (or whatever passwords are being checked again). In your example, the ?
is the placeholder representing the password and CONCAT()
and SHA1()
are both database functions. So this example will append the salt to the user-entered password and then hash them using SHA1.
This will result in a database query that looks similar to this:
SELECT id FROM users WHERE email = 'user@example.com' AND password = SHA1(CONCAT('password',salt))
You use setCredentialTreatment()
to change how the passwords are checked. For example if your passwords are just straight MD5 hashes, you'd instead use:
setCredentialTreatment('MD5(?)');
Try like this:
$auth = Zend_Auth::getInstance();
$authAdapter = new Zend_Auth_Adapter_DbTable(
Zend_Db_Table::getDefaultAdapter(),
'users',
'username',
'password',
"CONCAT('$this->_salt', sha(?))"
);
$authAdapter->setIdentity($username)
->setCredential($password);