Pedroski55

At the moment, the student enters his or her name student number. The number gets MD5()ed and compared with the column password. MySql has a function MD(), so that was very easy to do. Straight from the old book I mentioned. Right now I am stuck on getting the value of password_hash() in the column password. The password will be the student number.

4 reasons for this: 1. You don't know these students. They will continually lose their pws. 2. At the moment, I use an old method from the book PHP and MySql: Novice to Ninja. That uses MD5($studentnumber + 'allstudentsdb') 3. When I get this to work, like I said, I can split the student number, mix it with the Chinese name, it will actually be very safe, because only I will know how it is made up. 4. The web page is only for homework, and, because of the virus, online classes at the moment. There is nothing, repeat nothing of a sensitive nature involved. But first, I want to get the above working to insert the password in the password column. Any tips on that?

Hi, I'm new here and I should say, I am a raw amateur at PHP and MySQL. All I can do is look at how others do similar things and try and adapt it. I have a MySQL table: Neil_Details. It has 4 columns: id, number, name, password. I can enter number and name from a csv file automatically, no problem. id is the Primary Key and will auto_increment. The column 'number' is the student numbers, name is their Chinese names. I want to take the column number and generate a password from each number in the column password. That's all! People tell me, "Don't use their student numbers," but once I know how to do this in principle, I can splice part of the number and Chinese name together somehow and make a more secure password. I just want to learn how to do this in principle. Then I can do it for each class. So far I have this, which doesn't seem to work, although I get no errors in /var/log/apache2/error.log Could you please help me along a bit with some tips, pointers, links? My index.php first calls '/makePassword/form.html.php' This is called makePassword.php. Thanks for any tips! <?php //start PHP session session_start(); //check if login form is submitted if(isset($_POST['gettable'])){ //assign variables to post values $tablename = $_POST['tablename']; // login to the database dbname=allstudentsdb include $_SERVER['DOCUMENT_ROOT'] . '/includes/studentdb.inc.php'; $stmt = $pdo->prepare('SELECT * FROM ' . $tablename . ' WHERE number = :number'); $stmt->execute(['number' => $number]); $password = password_hash($number, PASSWORD_DEFAULT); echo 'password is ' . $password; $stmt = $pdo->prepare('INSERT INTO ' . $tablename . ' (password) VALUES (:password)'); try{ $stmt->execute(['password' => $password]); } catch(PDOException $e){ $_SESSION['error'] = $e->getMessage(); } } echo 'Passwords made!'; // the input form to get the mysql table name header('location: ' . '/makePassword/form.html.php'); ?>