FlyingIsFun1217 Posted April 21, 2008 Share Posted April 21, 2008 Hey, me again! Wondering this time, if there's a way to store and check an MD5 value in a cookie. Currently, I'm writing the MD5 contents of a string to the cookie (it holds '145062fb5a9aef2cbc014a652cec632f' as the MD5 hash), and trying to compare it to the value of another string's MD5 hash. Unfortunately, this only results in a mismatch, I assume because it's reading them as different types (md5 and string). Is there a way to save the MD5 hash into the cookie, and still check it against a string's MD5 hash... successfully? Thanks again! FlyingIsFun1217 Quote Link to comment Share on other sites More sharing options...
dptr1988 Posted April 21, 2008 Share Posted April 21, 2008 Yes, it should work. PHP doesn't have many different data 'types', and automatically converts between the few ones that it does have, so it is not a problem of different data types. Have you checked the contents of the hash from the cookie and the contents of the hash you are comparing it to? It could be trouble with setting and retreiveing cookies. Quote Link to comment Share on other sites More sharing options...
DarkWater Posted April 21, 2008 Share Posted April 21, 2008 md5 outputs a string, so there shouldn't be any problem. Make sure you're generating the right hash. Quote Link to comment Share on other sites More sharing options...
unidox Posted April 21, 2008 Share Posted April 21, 2008 If I were you I would not use md5, or atleast salt it and add some custom encryption to it. Quote Link to comment Share on other sites More sharing options...
FlyingIsFun1217 Posted April 22, 2008 Author Share Posted April 22, 2008 Well, it's nothing that needs to be extremely secure, just enough to deter most invalid access attempts. Hmm. Well, here's what I'm using to check: Index: <?php if(isset($_COOKIE['pMD5'])) { $passwordFromCookie = $_COOKIE['pMD5']; include('loginCheck.php'); if($passwordFromCookie = $encryptedPass) { echo '<script type="text/javascript">'; echo 'window.location = "http://flyingisfun1217.freeweb7.com/gallery/pagetogoto.php"'; echo '</script>'; } else { setcookie("pMD5", "", time()-3600); echo '<script type="text/javascript">'; echo 'window.location = "http://flyingisfun1217.freeweb7.com/gallery/login.php"'; echo '</script>'; } } else { echo '<script type="text/javascript">'; echo 'window.location = "http://flyingisfun1217.freeweb7.com/gallery/login.php"'; echo '</script>'; } ?> loginCheck.php: <?php $passwordFromLogin = $_POST['passwrd']; $passwordEncrypted = md5($passwordFromLogin); $passwordText = 'password_on_server'; $encryptedPass = md5($passwordText); if ($passwordEncrypted == $encryptedPass) { setcookie("pMD5",$passwordEncrypted,time()+60*60*24*30); echo '<script type="text/javascript">'; echo 'window.location = "http://flyingisfun1217.freeweb7.com/gallery/pagetogoto.php"'; echo '</script>'; } else { echo '<script type="text/javascript">'; echo 'window.location = "http://flyingisfun1217.freeweb7.com/gallery/error.php"'; echo '</script>'; } ?> But every time I log in, and reload the index page, it shoots me to my error page. I figured this was because it's checking against a wrong variable type. BTW: Thanks for telling that php converts variable types. I'm used to getting nasty errors when not typecasting in C++ Thanks again! FlyingIsFun1217 Quote Link to comment Share on other sites More sharing options...
dptr1988 Posted April 22, 2008 Share Posted April 22, 2008 In the file 'index.php' your are only using 1 equals sign where you should be using 2 equal signs ('==') to do the comparision. <?php // BAD if($passwordFromCookie = $encryptedPass) //Good if($passwordFromCookie == $encryptedPass) ?> Also where is the variable $encryptedPass setup? It looks like a uninitialzed var. Quote Link to comment Share on other sites More sharing options...
DarkWater Posted April 22, 2008 Share Posted April 22, 2008 In the file 'index.php' your are only using 1 equals sign where you should be using 2 equal signs ('==') to do the comparision. <?php // BAD if($passwordFromCookie = $encryptedPass) //Good if($passwordFromCookie == $encryptedPass) ?> Also where is the variable $encryptedPass setup? It looks like a uninitialzed var. He might have it set somewhere (like from a DB) and just isn't showing us. =P But yeah, dptr is right about the comparison. You need to have ==. Quote Link to comment Share on other sites More sharing options...
FlyingIsFun1217 Posted April 22, 2008 Author Share Posted April 22, 2008 Ahh! Stupid me! Well, at least it's not anything overly complicated. And yes, I'm getting that field from a different form Thanks again! FlyingIsFun1217 Quote Link to comment Share on other sites More sharing options...
FlyingIsFun1217 Posted April 22, 2008 Author Share Posted April 22, 2008 Not overly complicated, yet it still doesn't work... I've even gone through and cleared my browser cache, and it still gives me the same thing FlyingIsFun1217 Quote Link to comment Share on other sites More sharing options...
FlyingIsFun1217 Posted April 22, 2008 Author Share Posted April 22, 2008 Eh, just a stupid little error on my part, with the way I was forwarding through pages. Thanks guys (gals?)! FlyingIsFun1217 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.