Using PHP password_hash return string inside html element id attribute, and select element by that id with jQuery

franciska · December 31, 2016, 2:20am

Hi,

I was wondering if it is possible to use with jQuery an hash string returned by the PHP function password_hash.
I want to use that hash for identify a particular element in the page.
This is my example, but, it throws an error as:
Syntax error, unrecognized expression: #$2y$10$gGtfwaitcXzQb/r6FCRE4uKu0hqPKh5jGHc29/FLPvMQWS0SvdRty

.
Please, can you tell me if is it possible to resolve that? Many thanks!

<?php
   $email = "email@domain.com";

   $hash = password_hash($email, PASSWORD_DEFAULT);
?>
<!DOCTYPE html>
<html lang='it'>
  <head>
    <title></title>
    <meta charset='utf-8'>
    <meta name='description' content=''>
    <meta name='keywords' content=''>
    <meta name='author' content=''>
    <meta name='robots' content='all'>
    <!-- <meta http-equiv='X-UA-Compatible' content='IE=edge'> -->
    <link href='/favicon.png' rel='shortcut icon' type='image/png'>
    <script src="https://code.jquery.com/jquery-3.1.0.min.js"></script>
    <script>
       $(function () {
          var hash = $("div[name='box']").attr("id");

          $('#' + hash).html("hello");

          console.log(hash);

       });
    </script>
  </head>
  <body>
    <p>Email:</p>
    <div name='box' id='<?= $hash ?>'></div>
  </body>
</html>

spaceshiptrooper · December 31, 2016, 6:01am

Why would you want to display a password hash? The password hash was meant to be a way one. It wasn’t supposed to be shown to clients nor the webmaster.

m3g4p0p · December 31, 2016, 11:24am

You have to escape special characters in CSS identifiers; have a look at the HTML spec and the jQuery API for details. It would probably be easier to just use a sha1 hash though.

franciska · January 1, 2017, 11:55am

It is a hash to insert inside a contact page of a website, instead of the clear contact email. I want to store an hash of that email in a db, write that hash in a element attribute of the html contact page. On loading the page, a query select retrieves the clear email from the db with the given hash, and show it to the client inside the element having an attribute value equal to that particular hash, all using an ajax call.

spaceshiptrooper · January 1, 2017, 7:42pm

I still don’t see the reason behind using password_hash. password_hash was meant for password encryption. I like it that you are thinking about using a strong hashing algorithm, but that’s not what password_hash is used for. Like @m3g4p0p said, sha1 is better suited for this. If you want to hash an email, then sha1 with a randomizer could work.

system · April 3, 2017, 2:43am

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.