![]() The available features are: encrypt-then-authenticate using symmetric ciphers (the authentication. Now you take the value of 'Password' dump it into your hashing function and either save it or compare it. ZendCrypt provides support of some cryptographic tools. I am trying to do the following: value '123' encrypt new ZendFilterEncrypt() encrypt-> setVector('12345678901234567890') encrypted. Zend_Validate_StringLength::TOO_SHORT =>'Password is too short' >addValidator('StringLength',false,array('min' => 6, ![]() $password = new Zend_Form_Element_Password('Password') Also if the implementation of those filters ever change, that could break your hashes as well. Encrypt and Decrypt Zend Framework 2 2.3.7 documentation Zend Framework 2 release-2.3. Remove the INVALID message, this is not the place where you will validate the password (that happens in your auth() functions), all this validator does is validate the format.Īgain remove the MaxLength attribute - you don't care how long the password is, let them use the first chapter of Moby Dick if it makes the user feel better.īe careful about the filters you use in your password element because if you ever change or remove them you'll probably break most of the password hashes in your database. Remove the 'max' value in the validator, you don't care how long the password is as long as it has a minimum length (your going to hash the password to a specific length anyway). ![]() You never want to see or display a password, you don't care what the value is all you care about is that the inputted password value hashes to the value in your database. ![]() It looks like your password element is a little busier then it really needs to be. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |