md5 forms

[Madatan]

Okey so I got a login form thats sending the password to a database, I want the password to be converted into md5. How do I do that? and then, how do I do in the login area so it read it as md5?

[code]


form id="form1" name="form1" method="post" action="">
    <input type="text" name="anv" />
  </p>
<p>Email:
<input name="email" type="text" id="email" />
</p>
<p>L&ouml;senord:
<input name="losen" type="password" id="losen" />
<input name="ranger" type="submit" id="ranger" value="Register" />
</p>
</form>
[/code]

[ToonMariner]

to use md5 encryption you simply need to use teh md5(); function.

I have seen many scripts that process the data posted from a form and do md5 on recipet of the info - which for me completely defeats the object. Sure the string shoudl be encrypted client side (if js is on!) prior to being sent over the network......

[brown2005]

$a = $_GET['losen'];

$a = md5($a);

then insert $a into databse

[willpower]

//Translate from md5

Well you dont need to.

In your database you store the encrytped password, then upon checking you take the users entered password, md5 it and check the md5 against the md5 that you stored in your database...Matched? Great then proceed.

$users_password=$_POST['password'];
$md5thepassword=md5($users_password);

blah blah select blah where blah = $md5thepassword

Kinda thing

Make sense?

Will

[onlyican]

MD5() is a 32 Bit One Way encryption
32Bit?
What ever the value
$a = "";
$a = "this is a long sentance, but I cant think of anything to type";

with using md5(), the value is 32 chars long (32 bits)

One Way Encryption

Means, you can not get a MD5 Encrypted string, and translate it back to what it was.

Although rumours have spread that hackers can. But think to yourself, Is your information Soo Important that a hack wants to hack the enctryption.