[SOLVED] help with encryption

[ndjustin20]

I am using the following code to submit information into a mysql database.  The problem I am having is the query that inserts the information. For some reason every time I submit the data the password field creats encryption for the literal $p instead of it's value.  I have tried using double quotes and no quotes.  Using double quotes create an error and using no quotes doesn't produce an error but the information is never submitted.

 

<?php

$page_title = 'Register Me';

echo '<h1 id="mainhead">Register Here</h1>';

include('./includes/Header.html');

if(isset($_POST['submitted'])) {

$errors = array();

if(empty($_POST['first_name'])) {
$errors[] = 'You forgot to enter your first name.';
}else{
$fn = $_POST['first_name'];
}

if(empty($_POST['last_name'])) {
$errors[] = 'You forgot to enter your last name.';
}else{
$ln = $_POST['last_name'];
}

if(empty($_POST['email'])) {
$errors[] = 'You forgot to enter your email address.';
}else{
$e = $_POST['email'];
}

if(empty($_POST['password1'])) {
if($_POST['password1'] != $_POST['password2'])

$errors[] = 'Your password and the confirmation password did not match.';
}else{
$p = $_POST['password1'];
}

if(empty($errors)) {

require_once('mysql_connect.php');

$query1 = "SELECT userid FROM users WHERE email='$e'";
$result1 = mysql_query($query1);
$num = mysql_num_rows($result1);


if ($num == 1){
echo 'Sorry that email address has already been taken';

}elseif($num < 1) {//IF THERE WAS NOT AN EMAIL ADDRESS FOUND THAT MATCHED

$query2 = "INSERT INTO users(first_name, last_name, email, password, registration_date) VALUES ('$fn',
'$ln', '$e', SHA('$p'), NOW() )";

$result2 = @mysql_query($query2); //run the query

echo '<p><h1 id="mainhead">Thank You</h1></p>
  <p>You have now been registered</p>';
  include('./includes/Footer.html');
  exit();

}else{

echo '<p>We can not register you at this time</p>';
include('./includes/Footer.html');
exit();
}

}else{

echo '<h1 class="mainhead">ERROR!</h1>';
  foreach($errors as $msg) {
  echo " - $msg<br />\n";
}
}  
}


?>


<form action="register_new.php" method="post">
<p><b><font color="#FF0000">First Name:</font></b><input type="text" name="first_name" value="<?php if(isset($_POST['first_name'])) echo $_POST['first_name']; ?>" size="20" maxlength="20" /></p>
<p><b><font color="#00CC00">Last Name:</font></b><input type="text" name="last_name" value="<?php if(isset($_POST['last_name'])) echo $_POST['last_name'];?>" size="20" maxlength="20" /></p>
<p><b><font color="#0000CC">Email Address:</font></b><input type="text" name="email" value="<?php if(isset($_POST['email'])) echo $_POST['email'];?>" size="20"
maxlength="40" /></p>
<p><b><font color="#FF3333">Enter Password:</font></b><input type="password" name="password1" size="20" /></p>
<p><b><font color="#0033FF">Retype Password:</font></b><input type="password" name="password2" size="20" /></p>
<p><input type="submit" name="submit" value="Register" /></p>
<p><input type="hidden" name="submitted" value="TRUE"  /></p>

</form>

<?php include ('./includes/Footer.html'); ?>

[DeanWhitehouse]

don;t you have to ecnrypt it first like this

$password = "then the encryption and password";

 

then insert that variable into the database

[ndjustin20]

That is really something.....all day I have been trying to figure this one thing out....I have used the online mentor and other forums and really until you just posted that I couldn't figure it out.  I really have no idea why it won't encrypt before it sends the info or whatnot but I changed the code to this:

 

$p = SHA1("$p");


$query2 = "INSERT INTO users(first_name, last_name, email, password, registration_date) VALUES ('$fn',
'$ln', '$e', '$p', NOW() )";

 

 

And of course everything worked perfectly.  THANK YOU VERY VERY VERY VERY MUCH!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

[DeanWhitehouse]

No Problem, if it's closed please click solved at the bottom