Lodius2000 Posted January 24, 2009 Share Posted January 24, 2009 Im working on a new user account management system, getting ready to make the login page... but I discovered something wierd.... my hash values are not the same before I post the script a few things: I created an account, $myhash is what was placed in my database in the password field, on the registration script the line $hash = hash("sha512",$password.$salt); is copy pasted, the value of $salt is also copy pasted, all these lines I made sure use the same style of quotes (single vs double). the password of 'password' was also copy pasted from this testscript... so here is my test script <?php $password = 'password'; $salt = 'hashme'; $hash = hash("sha512",$password.$salt); //myhash comes straight from my database $myhash = "0aadf252be8f696a28c46f03560f263eb51771d3617f65b06d4b039702cbd706005c41f41978df4bfa1122cf39f29fe41c169c66e4bfbea5b7ee4f44c0220d8d"; print $hash."<BR>"; print $myhash."<BR>"; print strlen($hash)."<BR>"; print strlen($myhash)."<BR>"; ?> this prints out 3068969b86a9132e08ce488841ef56a734d14278edfdd810ff0ea8ea412963e5f5e7f4358e27c1be4c900724bbb6c09af90c6255395a9baf26f653f6e3e0a774 0aadf252be8f696a28c46f03560f263eb51771d3617f65b06d4b039702cbd706005c41f41978df4bfa1122cf39f29fe41c169c66e4bfbea5b7ee4f44c0220d8d 128 128 as you can see, not the same....what gives? EDIT: whoops guess I need to change my hash.... HAHA //its changed now, but there were a couple of you who saw it Link to comment https://forums.phpfreaks.com/topic/142197-solved-hashsha512-values-not-syncing-up/ Share on other sites More sharing options...
rubing Posted January 24, 2009 Share Posted January 24, 2009 how did you get the value for $myhash? Link to comment https://forums.phpfreaks.com/topic/142197-solved-hashsha512-values-not-syncing-up/#findComment-744912 Share on other sites More sharing options...
Lodius2000 Posted January 24, 2009 Author Share Posted January 24, 2009 i got it from phpmyadmin, I created a dummy account and used the string 'password' as the password, and then got it from phpmyadmin and copy/pasted it into this test script Link to comment https://forums.phpfreaks.com/topic/142197-solved-hashsha512-values-not-syncing-up/#findComment-744915 Share on other sites More sharing options...
rubing Posted January 24, 2009 Share Posted January 24, 2009 So, you are comparing hashes of 2 different strings. The value in your database is a hash of the string 'password' where as the value of $hash in your php script is a hash of the string 'passwordhashme' Link to comment https://forums.phpfreaks.com/topic/142197-solved-hashsha512-values-not-syncing-up/#findComment-744920 Share on other sites More sharing options...
Lodius2000 Posted January 24, 2009 Author Share Posted January 24, 2009 no... the register script has this line '$hash = hash("sha512",$password.$salt);" pasted into it too and then $hash is put in the db Link to comment https://forums.phpfreaks.com/topic/142197-solved-hashsha512-values-not-syncing-up/#findComment-744922 Share on other sites More sharing options...
rubing Posted January 24, 2009 Share Posted January 24, 2009 here's what you need to do: echo the values of $password, $salt, and $hash in your script that inserts into the DB as well as the other script. Now check that everything is consistent. Link to comment https://forums.phpfreaks.com/topic/142197-solved-hashsha512-values-not-syncing-up/#findComment-744927 Share on other sites More sharing options...
Lodius2000 Posted January 24, 2009 Author Share Posted January 24, 2009 well theres an error somewhere but I cant see in regardless, I managed to make my login script work solved Link to comment https://forums.phpfreaks.com/topic/142197-solved-hashsha512-values-not-syncing-up/#findComment-744938 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.