Jump to content

regarding user passwords


gardan06

Recommended Posts

im making a simple module that will register a username and its password. what i want to happen is when the password gets saved into the database, it becomes a random character instead of the real password to avid hacking problems.

how can i insert the hashed password into mysql and also, how can i call it back to its original password later?
Link to comment
https://forums.phpfreaks.com/topic/19194-regarding-user-passwords/
Share on other sites

well, i was thinking when the user logs in, the module checks if the password he typed is the same from the password in the database. i was thinking of 2 things that could compare it:

1) convert the password from the database back to its original characters(which you said i cant, so maybe ill cross out this option). and:

2) convert the password the user typed to md5 hash and then compare it the the md5-hashed password in the database.

would option #2 be the solution or is there another way to compare the passwords?
yes option 2 would be correct.

[code]$username = $_POST['username']; // assign username from form to $username
$password = md5($_POST['password']); //get password from form and convert it and assign to $password
$sql = "SELECT * FROM table_name WHERE username = '$username' AND password = '$password'";
  $res = mysql_query($sql) or die (mysql_error());
  $num_rows = mysql_num_rows($res);
if($num_rows >0){
// continue code here
} else {
echo "NO SOUP FOR YOU";
}[/code]

Ray

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.