Jump to content

Archived

This topic is now archived and is closed to further replies.

mbvo

md4

Recommended Posts

I'm working on writing a forum and would like to store the passwords as hashes.  is there some function built into php to do so?  or is there a php file i could download containing that function?

Share this post


Link to post
Share on other sites
I don't get this, I downloaded phpass-0.0 and extracted to my htdocs, and ever time i refresh test.php it gives me something differant.  are these the password hashes that would be saved to the database? and if so why do they keep changing and how do i compare 2 hashes that rn't identical?

Share this post


Link to post
Share on other sites
Personally I would use MD5 -- its the most secure that ive found.. 

So when they register you run this..

$pw = md5($_POST['password']);

then when they log in you do this...
[code]
<?php
$pw = md5($_POST['password']);
$un = $_POST['username'];
$query = mysql_query("SELECT * FROM users WHERE username LIKE BINARY '$un' AND password = '$pw'");
$query = mysql_fetch_assoc($query);
if (sizeof($query) == "" || sizeof($query) == "0") {
// invalid user
} else {
// valid user
}
?>
[/code]

Thats a quick type job and might contain some errors though for the most part should work.. 

note: using LIKE BINARY in your query will make it so the username is case sensitive..  its the same I way I do mine.

Share this post


Link to post
Share on other sites
isn't the correct syntax:

"SELECT * FROM users WHERE username LIKE BINARY '" . $un . "' AND password = '" . $pw . "'"

not:

"SELECT * FROM users WHERE username LIKE BINARY '$un' AND password = '$pw'"

or will both work?

Share this post


Link to post
Share on other sites
Both will work...  now if you did it like this..

'SELECT * FROM users WHERE username LIKE BINARY '$un' AND password = $pw'

it would not...  if you are going to submit strings in your query you have to use " at the beginning and end and escape the string by using ' around it...  Thats the way I've always done it though sometimes I'll do it like the way you've shown -- well almost..

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.