Discuz 用户的密码,加密密码存储在pre_ucenter_members , 验证密码公式: uc 用户表中的password == md5(md5(用户明文密码). uc用户表中密钥salt)php
因此更新用户密码能够这样:mysql
$uid = 1; $password = 'xxxxxx; $salt = $mysql->resultOne("SELECT salt FROM {$tablepre}ucenter_members WHERE uid=$uid"); $password = md5(md5($password). $salt); $result = $mysql->query("UPDATE {$tablepre}ucenter_members SET password='$password' where uid='$uid'"); var_dump($result);
Uc_server 创始人加密密码和密钥是存储在配置文件uc_server/data/config.inc.php中的。sql
define('UC_FOUNDERPW', '245386430f4ab01e8478cbf7b9xxxxxc');
define('UC_FOUNDERSALT', 'ssx773');
ui
看看这句就很明了了this
UC_FOUNDERPW == md5(md5($oldpw).UC_FOUNDERSALT)加密
uc_server/control/admin/admin.php function onls 更多spa
if(UC_FOUNDERPW == md5(md5($oldpw).UC_FOUNDERSALT)) { $configfile = UC_ROOT.'./data/config.inc.php'; if(!is_writable($configfile)) { $status = -4; } else { if($newpw != $newpw2) { $status = -6; } else { $config = file_get_contents($configfile); $salt = substr(uniqid(rand()), 0, 6); $md5newpw = md5(md5($newpw).$salt); $config = preg_replace("/define\('UC_FOUNDERSALT',\s*'.*?'\);/i", "define('UC_FOUNDERSALT', '$salt');", $config); $config = preg_replace("/define\('UC_FOUNDERPW',\s*'.*?'\);/i", "define('UC_FOUNDERPW', '$md5newpw');", $config); $fp = @fopen($configfile, 'w'); @fwrite($fp, $config); @fclose($fp); $status = 2; $this->writelog('admin_pw_edit'); } } }