0
在进入数据库之前,我该如何大写一个散列md5?如何在我的查询中大写一个散列md5?
我试过如下:
connection.query("UPDATE penguins SET password = UPPER(password)");
这工作,但它不大写是刚刚注册的用户。它会在数据库中大写其他每个md5散列。
这是我的INSERT查询:
var insertQuery = "INSERT INTO penguins (moderator, registrationdate, inventory, email, password, username, nickname) VALUES ('" + moderator + "','" + registrationdate + "','" + inventory + "','" + email + "', + MD5('" + password + "'), '" + username + "', '"+username+"')";
这是我的整个护照策略:
var moment = require('moment');
var datetime = moment().format('x')
var mysql = require('mysql');
var LocalStrategy = require('passport-local').Strategy;
var connection = mysql.createConnection({
host: 'localhost',
user: 'root',
password: 'root'
});
connection.query('USE kitsune');
// expose this function to our app using module.exports
module.exports = function(passport) {
// =========================================================================
// passport session setup ==================================================
// =========================================================================
// required for persistent login sessions
// passport needs ability to serialize and unserialize users out of session
// used to serialize the user for the session
passport.serializeUser(function(user, done) {
done(null, user.id);
});
// used to deserialize the user
passport.deserializeUser(function(id, done) {
connection.query("SELECT * FROM penguins WHERE id = " + id, function(err, rows) {
done(err, rows[0]);
});
});
// =========================================================================
// LOCAL SIGNUP ============================================================
// =========================================================================
// we are using named strategies since we have one for login and one for signup
// by default, if there was no name, it would just be called 'local'
passport.use('local-signup', new LocalStrategy({
// by default, local strategy uses username and password, we will override with email
usernameField: 'username',
passwordField: 'password',
gameusernameField: 'username',
nicknameField: 'nickname',
passReqToCallback: true // allows us to pass back the entire request to the callback
},
function(req, username, password, done) {
// here you read from req
const email = req.body.email
const nickname = req.body.nickname
const inventory = '%1'; // This is what the user gets on register. You can set this to anything that you want like: %1%2%3%4%5%6%7%8%9%10%11%12%13%14%15%16
const moderator = '0';
const registrationdate = datetime
passport.serializeUser(function(username, done) {
done(null, username);
});
// find a user whose email is the same as the forms email
// we are checking to see if the user trying to login already exists
connection.query("SELECT * FROM `penguins` WHERE `username` = '" + username + "'", function(err, rows) {
console.log(rows);
console.log("above row object");
if (err) return done(err);
if (rows.length) {
return done(null, false, req.flash('signupMessage', 'That username is already taken.'));
} else {
// if there is no user with that email
// create the user
var newUserMysql = new Object();
newUserMysql.registrationdate = registrationdate;
newUserMysql.moderator = moderator;
newUserMysql.inventory = inventory;
newUserMysql.email = email;
newUserMysql.password = password; // use the generateHash function in our user model
newUserMysql.username = username;
newUserMysql.nickname = nickname;
var insertQuery = "INSERT INTO penguins (moderator, registrationdate, inventory, email, password, username, nickname) VALUES ('" + moderator + "','" + registrationdate + "','" + inventory + "','" + email + "', + MD5('" + password + "'), '" + username + "', '"+username+"')";
console.log(insertQuery);
console.log('Query is rolling!');
connection.query(insertQuery, function(err, rows) {
newUserMysql.id = rows.insertId;
return done(null, newUserMysql);
});
}
});
}));
// =========================================================================
// LOCAL LOGIN =============================================================
// =========================================================================
// we are using named strategies since we have one for login and one for signup
// by default, if there was no name, it would just be called 'local'
passport.use('local-login', new LocalStrategy({
// by default, local strategy uses username and password, we will override with email
usernameField: 'email',
passwordField: 'password',
passReqToCallback: true // allows us to pass back the entire request to the callback
},
function(req, email, password, username, nickname, done) { // callback with email and password from our form
connection.query("SELECT * FROM `penguins` WHERE `username` = '" + username + "'", function(err, rows) {
if (err) return done(err);
if (!rows.length) {
return done(null, false, req.flash('loginMessage', 'No user found.')); // req.flash is the way to set flashdata using connect-flash
}
// if the user is found but the password is wrong
if (!(rows[0].password == password)) return done(null, false, req.flash('loginMessage', 'Oops! Wrong password.')); // create the loginMessage and save it to session as flashdata
// all is well, return successful user
return done(null, rows[0]);
});
}));
};
这工作!非常感谢!你也知道如果:在这里登记日期设置正确等? –
您的问题对于registrationdate不明确,如果您想在插入查询中设置注册日期,则可以使用NOW(),CURDATE()中的任何一个。如果这不是你的问题,请告诉我更多。 – Gaurav
它需要在UNIX时间,但它不会更新自己的数据库 –