liquidspaceman Posted February 19, 2010 Share Posted February 19, 2010 Trying to design a "change password" tool. On my signup code I'm using base64_encode, now I am trying to decode it on the change password screen and having issues. Yes I am very new to this. I keep returning a fail response with this. Help? <?php include("check_session.php"); include("online.php"); include("site.conf.php"); include("$base_dir/include/scTemplate.class.php"); include("$base_dir/include/timestamp.inc.php"); include("$base_dir/include/index.inc.php"); include("$base_dir/include/calendar.inc.php"); include("$base_dir/include/images.inc.php"); /**************************************************************** * open connection to mysql server * ****************************************************************/ $conn = mysql_connect($db_host, $db_user, $db_password); mysql_select_db($db_name, $conn); $sql = "select id from tbl_pm_message "; $sql .= "where (id_to='$user_id') and (status='online') and (flag='1')"; $result = mysql_query($sql); $new_message = mysql_num_rows($result); if (($old_password == "") || ($password1 == "") || ($password2 == "") || ($password1 != $password2)) { $error = "upt01"; } else { $old_password = base64_decode($old_password); $password1 = base64_encode($password1); $password2 = base64_encode($password2); $sql = "select id from tbl_user where (id='$user_id') and (code='$user_code') and "; $sql .= "('$old_password') "; $result = mysql_query($sql); $rows = mysql_num_rows($result); if ($rows > 0) { $sql = "update tbl_user set ('$password1'), status='active' "; $sql .= "where (id='$user_id') and (code='$user_code') "; $result = mysql_query($sql); if ($result) { $error = ""; } else { $error = "upt02"; } } else { $error = "upt03"; } } /**************************************************************** * generate page * ****************************************************************/ $tpl = new scTemplate("$templates_dir/password_result.html"); $tpl->replace("SC_SI_BANNER", show_banner()); $tpl->replace("SC_SI_ADS", show_ads()); $tpl->replace("SC_SI_MENU", show_menu(1)); $tpl->replace("SC_SI_LOGO", show_logo()); $tpl->replace("SC_SI_RIGHTLOGO", show_rightlogo()); $tpl->replace("SC_SI_SEARCH", show_search()); $tpl->replace("SC_SI_NEWS", show_news()); $tpl->replace("SC_SI_MEMBER", show_member()); $tpl->replace("SC_SI_CALENDAR", show_calendar()); $tpl->replace("SC_SI_BOTTOM", show_bottom()); $tpl->replace("SC_SI_COPYRIGHT", show_copyright()); $tpl->replace("SC_USERNAME", $user_name); $tpl->replace("SC_NEW", $new_message); if ($error == "") { $tpl->replace("SC_RESULT", "OK"); } else { $tpl->replace("SC_RESULT", "Failed"); } $tpl->write(); ?> Link to comment https://forums.phpfreaks.com/topic/192600-help-with-password-encodingdecoding/ Share on other sites More sharing options...
jl5501 Posted February 19, 2010 Share Posted February 19, 2010 It is unusual to ever want to decrypt passwords. The normal practice is to store passwords with a one way encryption like md5(), then when the user enters a password, the entered value is also encrypted using the same encryption, and the encrypted values compared. Link to comment https://forums.phpfreaks.com/topic/192600-help-with-password-encodingdecoding/#findComment-1014732 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.