dazzclub Posted July 8, 2008 Share Posted July 8, 2008 Hi there, i created a registration form that puts a username and password into a user table. i have put the password with the function SHA1. When i create a login form would i then need to use this function aswell when i pass the password variable in the select query? cheers Darren Link to comment https://forums.phpfreaks.com/topic/113697-solved-quick-question-regarding-a-login-script/ Share on other sites More sharing options...
waynew Posted July 8, 2008 Share Posted July 8, 2008 When the user attempts to log in, convert there attempted password to sha1 and then compare with the password in the database. Link to comment https://forums.phpfreaks.com/topic/113697-solved-quick-question-regarding-a-login-script/#findComment-584281 Share on other sites More sharing options...
dazzclub Posted July 8, 2008 Author Share Posted July 8, 2008 like this; $sql = "SELECT user_id FROM users WHERE user_id = '$userId' AND password = SHA1('$password')"; Link to comment https://forums.phpfreaks.com/topic/113697-solved-quick-question-regarding-a-login-script/#findComment-584283 Share on other sites More sharing options...
waynew Posted July 8, 2008 Share Posted July 8, 2008 Yep, or simply $password = sha1($_POST['password']); //followed by SQL Other way is better however. Oh, and clean the input with mysql_real_escape_string() as password login forms are often the first to be attacked. Link to comment https://forums.phpfreaks.com/topic/113697-solved-quick-question-regarding-a-login-script/#findComment-584289 Share on other sites More sharing options...
dazzclub Posted July 8, 2008 Author Share Posted July 8, 2008 cheers thanks for that...i will clean the input data dont worry about that. thanks again. regards Dazzclub Link to comment https://forums.phpfreaks.com/topic/113697-solved-quick-question-regarding-a-login-script/#findComment-584301 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.